Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

100's of new blank windows at startup...


  • This topic is locked This topic is locked

#1
tammy111

tammy111

    Member

  • Member
  • PipPip
  • 95 posts
hello. please help me if you can. When i start up my laptop, i get hundreds of popup new blank windows all over my screen. i downloaded OTL.exe and one of the alternates just in case, malwarebytes, and combofix....all to a thumb drive. i cannot access internet w/infected laptop. i tried to run the OTL but it wont do anything....and combo fix opens a tiny window with green progression lines across it, but stops at that. HELP!!

thanks in advance

tammy
  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi do you have the ability to burn a CD that we could use to boot your computer with ?

Please print these instruction out so that you know what you are doing

Latest version: v3.1.46.0

OTLPENet.exe
MD5=79209302A1AFB2490808DB890A815CED
Size: 127,222,215b / 121.3MB

  • Download this scan.txt to a USB drive[attachment=50118:scan.txt]
  • Download OTLPENet.exe to your desktop
  • Ensure that you have a blank CD in the drive
  • Double click OTLPENet.exe and this will then open imgburn to burn the file to CD
  • Reboot your system using the boot CD you just created.
    Note : If you do not know how to set your computer to boot from CD follow the steps here
  • As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads :)

  • Your system should now display a Reatogo desktop.
    Note : as you are running from CD it is not exactly speedy
  • Double-click on the OTLPE icon.
  • Select the Windows folder of the infected drive if it asks for a location
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start.
  • Double click the Custom scans and fixes box
  • In the dialogue locate the scan.txt you have on the USB
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive if you do not have internet connection on this system.
  • Right click the file and select send to : select the USB drive.
  • Confirm that it has copied to the USB drive by selecting it
  • You can backup any files that you wish from this OS
  • Please post the contents of the C:\OTL.txt file in your reply.

  • 0

#3
tammy111

tammy111

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
My husband told me to get on this site and be patient and follow instructions. He may be mad at me tonite. I ran the utility to get rid of avg, then ran Combofix and it is running now (different computer than this one)..I hope I didnt mess something up by not waiting for instructions. Should I report what Combofix does when its done? Or, stop it now and follow your instruction?

Sorry for jumping the gun.....

tammy
  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
No problem M'Dear we can proceed quite happily :) and I won't tell if you don't

Could you post the combofix log please and then run the two following programmes

Download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan
Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply
Posted Image

THEN

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in

    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    %systemroot%\*. /mp /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    CREATERESTOREPOINT

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs

  • 0

#5
tammy111

tammy111

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
Once again, my fault for not waiting and following instructions. Before your reply, I ran combofix followed by malwarebytes. The latter found 278 errors or infected files but at bedtime, had been running for over 7hrs, so I left it going and went to bed. This morning, when I checked it, it apparently had rebooted b/c it was at the blue screen with the users listed. When I chose my user, it started up and began popping up tons of blank windows just as it did yesterday. The difference now is that I cannot move file from my usb drive to the desktop or run them from the usb. The right mouse button also is disabled. I tried downloading OTL, aswNBR to usb drive but I cannot run or move them from the usb drive to the infected computer.

Should I create the boot disc on CD from your firt response. I think I will make it, but I'll wait for your instruction this time before I run it :-)
  • 0

#6
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Aye burn the boot cd and we will work from there
  • 0

#7
tammy111

tammy111

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
Ok, I went ahead and created the disc and ran it. Thank you sooo much for helping me!! Here is the OTL.txt results:


OTL logfile created on: 5/18/2011 1:17:22 PM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

703.00 Mb Total Physical Memory | 476.00 Mb Available Physical Memory | 68.00% Memory free
647.00 Mb Paging File | 518.00 Mb Available in Paging File | 80.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.25 Gb Total Space | 14.41 Gb Free Space | 38.67% Space Free | Partition Type: NTFS
Drive D: | 62.77 Mb Total Space | 56.91 Mb Free Space | 90.67% Space Free | Partition Type: FAT
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand] -- -- (AppMgmt)
SRV - [2008/06/19 12:51:03 | 000,611,664 | ---- | M] (Lavasoft) [Auto] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
SRV - [2004/08/05 20:23:10 | 000,308,352 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe -- (SymWSC)
SRV - [2002/09/20 18:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand] -- -- (PalmUSBD)
DRV - File not found [Kernel | On_Demand] -- -- (muIO)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- -- (catchme)
DRV - [2004/08/25 05:03:28 | 000,043,672 | ---- | M] (Oak Technology Inc.) [Kernel | System] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/08/04 14:05:20 | 000,341,760 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004/04/14 13:52:22 | 000,005,632 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\atiide.sys -- (atiide)
DRV - [2004/04/14 11:36:50 | 000,007,432 | ---- | M] (Hewlett-Packard Company) [Kernel | System] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2004/03/25 18:54:24 | 000,680,960 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2003/10/30 09:40:56 | 001,205,324 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2003/10/23 11:11:00 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2003/10/07 23:40:00 | 000,094,601 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2003/06/06 15:46:16 | 000,005,220 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2003/04/23 11:06:40 | 000,013,174 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\atisgkaf.SYS -- (caboagp)
DRV - [2001/08/17 03:10:28 | 000,035,913 | ---- | M] (SMC) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.whitesmok.../?cfg=2-267-0-0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...ilion&pf=laptop
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0




IE - HKU\Tammy_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Tammy_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Tammy_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\Tammy_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://myclearsearch.com/
IE - HKU\Tammy_ON_C\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKU\Tammy_ON_C\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =

IE - HKU\Tristan_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...ilion&pf=laptop
IE - HKU\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =

IE - HKU\Tyler_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Tyler_ON_C\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



O1 HOSTS File: ([2011/05/17 16:59:02 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKU\Administrator_ON_C\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\Tammy_ON_C\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\Tammy_ON_C\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\Tammy_ON_C\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\Tristan_ON_C\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\Tristan_ON_C\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\Tyler_ON_C\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\Tyler_ON_C\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\Tyler_ON_C\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4 - HKLM..\Run: [Apoint] File not found
O4 - HKLM..\Run: [AppleSyncNotifier] File not found
O4 - HKLM..\Run: [HNUjcIXnb] File not found
O4 - HKLM..\Run: [HNUjcIXnd] File not found
O4 - HKLM..\Run: [HNUjcIXnf6] File not found
O4 - HKLM..\Run: [HNUjcIXnflc] File not found
O4 - HKLM..\Run: [HNUjcIXnfp] File not found
O4 - HKLM..\Run: [HNUjcIXnfQ] File not found
O4 - HKLM..\Run: [HNUjcIXngqc] File not found
O4 - HKLM..\Run: [HNUjcIXngqgc] File not found
O4 - HKLM..\Run: [HNUjcIXngqgK] File not found
O4 - HKLM..\Run: [HNUjcIXngqj] File not found
O4 - HKLM..\Run: [HNUjcIXno1] File not found
O4 - HKLM..\Run: [HNUjcIXnoc] File not found
O4 - HKLM..\Run: [HNUjcIXnqe] File not found
O4 - HKLM..\Run: [HNUjcIXnrc] File not found
O4 - HKLM..\Run: [HNUjcIXnrH0] File not found
O4 - HKLM..\Run: [HNUjcIXnrHj] File not found
O4 - HKLM..\Run: [HNUjcIXnrHK] File not found
O4 - HKLM..\Run: [HNUjcIXnsb] File not found
O4 - HKLM..\Run: [HNUjcIXnsw0] File not found
O4 - HKLM..\Run: [HNUjcIXnswj] File not found
O4 - HKLM..\Run: [HNUjcIXnswK] File not found
O4 - HKLM..\Run: [HNUjcIXnt2] File not found
O4 - HKLM..\Run: [HNUjcIXntd0] File not found
O4 - HKLM..\Run: [HNUjcIXntdc] File not found
O4 - HKLM..\Run: [HNUjcIXntdg0] File not found
O4 - HKLM..\Run: [HNUjcIXntdgc] File not found
O4 - HKLM..\Run: [HNUjcIXntdgj] File not found
O4 - HKLM..\Run: [HNUjcIXntdj] File not found
O4 - HKLM..\Run: [HNUjcIXntdK] File not found
O4 - HKLM..\Run: [HNUjcIXnte] File not found
O4 - HKLM..\Run: [HNUjcIXntg] File not found
O4 - HKLM..\Run: [HNUjcIXntI] File not found
O4 - HKLM..\Run: [HNUjcIXntz0] File not found
O4 - HKLM..\Run: [HNUjcIXntzgc] File not found
O4 - HKLM..\Run: [HNUjcIXntzj] File not found
O4 - HKLM..\Run: [HNUjcIXnVc] File not found
O4 - HKLM..\Run: [HNUjcIXnVg0] File not found
O4 - HKLM..\Run: [HNUjcIXnVgj] File not found
O4 - HKLM..\Run: [HNUjcIXnVgK] File not found
O4 - HKLM..\Run: [HNUjcIXnVK] File not found
O4 - HKLM..\Run: [HNUjcIXnw0c] File not found
O4 - HKLM..\Run: [HNUjcIXnw3] File not found
O4 - HKLM..\Run: [HNUjcIXnwd0] File not found
O4 - HKLM..\Run: [HNUjcIXnwe] File not found
O4 - HKLM..\Run: [HNUjcIXnwg] File not found
O4 - HKLM..\Run: [HNUjcIXnX0] File not found
O4 - HKLM..\Run: [HNUjcIXnXg0] File not found
O4 - HKLM..\Run: [HNUjcIXnXgc] File not found
O4 - HKLM..\Run: [HNUjcIXnXgg0] File not found
O4 - HKLM..\Run: [HNUjcIXnXggc] File not found
O4 - HKLM..\Run: [HNUjcIXnXggg0] File not found
O4 - HKLM..\Run: [HNUjcIXnXgggc] File not found
O4 - HKLM..\Run: [HNUjcIXnXgggj] File not found
O4 - HKLM..\Run: [HNUjcIXnXgggK] File not found
O4 - HKLM..\Run: [HNUjcIXnXggj] File not found
O4 - HKLM..\Run: [HNUjcIXnXggK] File not found
O4 - HKLM..\Run: [HNUjcIXnXgj] File not found
O4 - HKLM..\Run: [HNUjcIXnXgK] File not found
O4 - HKLM..\Run: [HNUjcIXnXj] File not found
O4 - HKLM..\Run: [HNUjcIXnXK] File not found
O4 - HKLM..\Run: [HNUjcIXnY] File not found
O4 - HKLM..\Run: [HNUjcIXnZ0] File not found
O4 - HKLM..\Run: [HNUjcIXnZj] File not found
O4 - HKLM..\Run: [HNUjcIXnZK] File not found
O4 - HKLM..\Run: [HNUnaIXnb] File not found
O4 - HKLM..\Run: [HNUnaIXnd] File not found
O4 - HKLM..\Run: [HNUnaIXneP] File not found
O4 - HKLM..\Run: [HNUnaIXnf6] File not found
O4 - HKLM..\Run: [HNUnaIXnfQ] File not found
O4 - HKLM..\Run: [HNUnaIXnrc] File not found
O4 - HKLM..\Run: [HNUnaIXnrHc] File not found
O4 - HKLM..\Run: [HNUnaIXnrHK] File not found
O4 - HKLM..\Run: [HNUnaIXnrK] File not found
O4 - HKLM..\Run: [HNUnaIXnsb] File not found
O4 - HKLM..\Run: [HNUnaIXnsd] File not found
O4 - HKLM..\Run: [HNUnaIXnsF] File not found
O4 - HKLM..\Run: [HNUnaIXnsZc] File not found
O4 - HKLM..\Run: [HNUnaIXnuf] File not found
O4 - HKLM..\Run: [HNUnaIXnus0] File not found
O4 - HKLM..\Run: [HNUnaIXnusc] File not found
O4 - HKLM..\Run: [HNUnaIXnusj] File not found
O4 - HKLM..\Run: [HNUnaIXnusK] File not found
O4 - HKLM..\Run: [HNUnaIXnvc] File not found
O4 - HKLM..\Run: [HNUnaIXnvZ] File not found
O4 - HKLM..\Run: [HNUnaIXnwdc] File not found
O4 - HKLM..\Run: [HNUnaIXnwg] File not found
O4 - HKLM..\Run: [HNUnaIXnwpc] File not found
O4 - HKLM..\Run: [HNUnaIXnwpK] File not found
O4 - HKLM..\Run: [HNUnaIXnxb] File not found
O4 - HKLM..\Run: [HNUnaIXnXc] File not found
O4 - HKLM..\Run: [HNUnaIXnXK] File not found
O4 - HKLM..\Run: [HNUnaIXnz9] File not found
O4 - HKLM..\Run: [HNUnaIXnZc] File not found
O4 - HKLM..\Run: [HNUnaIXnzZ] File not found
O4 - HKLM..\Run: [iTunesHelper] File not found
O4 - HKLM..\Run: [MKaH] File not found
O4 - HKLM..\Run: [MKaoc] File not found
O4 - HKLM..\Run: [MKaoK] File not found
O4 - HKLM..\Run: [MKaZ] File not found
O4 - HKLM..\Run: [MKbta] File not found
O4 - HKLM..\Run: [MKbuq0] File not found
O4 - HKLM..\Run: [MKbuqc] File not found
O4 - HKLM..\Run: [MKbuqj] File not found
O4 - HKLM..\Run: [MKdw+] File not found
O4 - HKLM..\Run: [MKea0] C:\WINDOWS\user .exe ()
O4 - HKLM..\Run: [MKeac] C:\WINDOWS\user .exe ()
O4 - HKLM..\Run: [MKeag0] C:\WINDOWS\user .exe ()
O4 - HKLM..\Run: [MKeagc] C:\WINDOWS\user .exe ()
O4 - HKLM..\Run: [MKeaggc] C:\WINDOWS\user .exe ()
O4 - HKLM..\Run: [MKeaggK] C:\WINDOWS\user .exe ()
O4 - HKLM..\Run: [MKeagj] C:\WINDOWS\user .exe ()
O4 - HKLM..\Run: [MKeagK] C:\WINDOWS\user .exe ()
O4 - HKLM..\Run: [MKeaj] C:\WINDOWS\user .exe ()
O4 - HKLM..\Run: [MKeaK] C:\WINDOWS\user .exe ()
O4 - HKLM..\Run: [MKee] C:\WINDOWS\user.exe ()
O4 - HKLM..\Run: [MKerb] File not found
O4 - HKLM..\Run: [MKeta] C:\WINDOWS\services.exe ()
O4 - HKLM..\Run: [MKetW0] C:\WINDOWS\services .exe ()
O4 - HKLM..\Run: [MKetWc] C:\WINDOWS\services .exe ()
O4 - HKLM..\Run: [MKetWg0] C:\WINDOWS\services .exe ()
O4 - HKLM..\Run: [MKetWgc] C:\WINDOWS\services .exe ()
O4 - HKLM..\Run: [MKetWggc] C:\WINDOWS\services .exe ()
O4 - HKLM..\Run: [MKetWgj] C:\WINDOWS\services .exe ()
O4 - HKLM..\Run: [MKetWgK] C:\WINDOWS\services .exe ()
O4 - HKLM..\Run: [MKetWj] C:\WINDOWS\services .exe ()
O4 - HKLM..\Run: [MKetWK] C:\WINDOWS\services .exe ()
O4 - HKLM..\Run: [MKeuf] File not found
O4 - HKLM..\Run: [MKeuK0] File not found
O4 - HKLM..\Run: [MKeuKj] File not found
O4 - HKLM..\Run: [MKewe] File not found
O4 - HKLM..\Run: [MKexe] File not found
O4 - HKLM..\Run: [MKfa] File not found
O4 - HKLM..\Run: [MKfPc] File not found
O4 - HKLM..\Run: [MKfpe] File not found
O4 - HKLM..\Run: [MKfpI] File not found
O4 - HKLM..\Run: [MKfPK] File not found
O4 - HKLM..\Run: [MKfre] File not found
O4 - HKLM..\Run: [MKfrJc] File not found
O4 - HKLM..\Run: [MKfrJK] File not found
O4 - HKLM..\Run: [MKfrN] File not found
O4 - HKLM..\Run: [MKZe] File not found
O4 - HKLM..\Run: [MKZJ0] File not found
O4 - HKLM..\Run: [MKZJj] File not found
O4 - HKLM..\Run: [MKZS0] File not found
O4 - HKLM..\Run: [MKZSc] File not found
O4 - HKLM..\Run: [MKZSg0] File not found
O4 - HKLM..\Run: [MKZSgc] File not found
O4 - HKLM..\Run: [MKZSgK] File not found
O4 - HKLM..\Run: [MKZSj] File not found
O4 - HKLM..\Run: [QuickTime Task] File not found
O4 - HKU\Tammy_ON_C..\Run: [BackupNotify] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnb] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnd] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnf6] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnfQ] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXngqc] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnoc] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnqe] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnrc] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnsb] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnt2] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXntd0] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXntdc] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXntdgc] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXntdj] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXntdK] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnte] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXntg] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXntI] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnVc] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnVK] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnwe] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnwg] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnY] File not found
O4 - HKU\Tammy_ON_C..\Run: [MKbuqc] File not found
O4 - HKU\Tammy_ON_C..\Run: [MKeuf] File not found
O4 - HKU\Tammy_ON_C..\Run: [MKfa] File not found
O4 - HKU\Tammy_ON_C..\Run: [MKZe] File not found
O4 - HKU\Tammy_ON_C..\Run: [MKZSc] File not found
O4 - HKU\Tammy_ON_C..\Run: [RecordNow!] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUjcIXnqe] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUjcIXnVgj] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnf6] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnrHc] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnrHK] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnrK] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnsF] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnsZc] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnus0] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnusj] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnusK] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnwdc] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnwpK] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnXc] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnXK] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnz9] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnZc] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKaH] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKaoK] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKbta] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKdw+] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKea0] C:\WINDOWS\user .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKeac] C:\WINDOWS\user .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKeag0] C:\WINDOWS\user .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKeagc] C:\WINDOWS\user .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKeaggc] C:\WINDOWS\user .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKeaggK] C:\WINDOWS\user .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKeagj] C:\WINDOWS\user .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKeagK] C:\WINDOWS\user .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKeaj] C:\WINDOWS\user .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKeaK] C:\WINDOWS\user .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKee] C:\WINDOWS\user.exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKerb] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKeta] C:\WINDOWS\services.exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKetW0] C:\WINDOWS\services .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKetWc] C:\WINDOWS\services .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKetWg0] C:\WINDOWS\services .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKetWgc] C:\WINDOWS\services .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKetWggc] C:\WINDOWS\services .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKetWgj] C:\WINDOWS\services .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKetWgK] C:\WINDOWS\services .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKetWj] C:\WINDOWS\services .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKetWK] C:\WINDOWS\services .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKewe] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKexe] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKfa] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKfpe] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKfpI] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKfPK] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKfre] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKfrJc] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKfrJK] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKfrN] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKZSg0] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKZSgc] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKZSgK] File not found
O4 - HKU\Tristan_ON_C..\Run: [RecordNow!] File not found
O4 - HKU\Tyler_ON_C..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe ()
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnflc] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnfp] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXngqgc] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXngqgK] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXngqj] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXno1] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnqe] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnrH0] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnrHj] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnrHK] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnsw0] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnswj] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnswK] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXntdg0] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXntdgj] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXntz0] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXntzgc] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXntzj] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnVg0] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnVgK] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnw0c] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnw3] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnwd0] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnX0] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXg0] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXgc] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXgg0] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXggc] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXggg0] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXgggc] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXgggj] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXgggK] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXggj] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXggK] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXgj] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXgK] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXj] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXK] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnZ0] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnZj] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnZK] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnb] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnd] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXneP] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnfQ] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnrc] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnsb] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnsd] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnuf] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnusc] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnvc] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnvZ] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnwg] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnwpc] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnxb] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnz9] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnzZ] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKaoc] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKaZ] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKbuq0] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKbuqj] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKdw+] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKerb] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKeta] C:\WINDOWS\services.exe ()
O4 - HKU\Tyler_ON_C..\Run: [MKeuK0] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKeuKj] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKewe] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKexe] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKfa] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKfPc] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKZJ0] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKZJj] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKZS0] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKZSj] File not found
O4 - HKU\Tyler_ON_C..\Run: [RecordNow!] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Tammy_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Tammy_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\Tammy_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\Tristan_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\Tristan_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Tristan_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\Tristan_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\Tristan_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\Tyler_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Tyler_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\Tyler_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.55.5.10 209.55.5.11
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll ()
O24 - Desktop WallPaper: C:\WINDOWS\Blue Sonic.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Blue Sonic.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

Drivers32: MIDI1 - C:\WINDOWS\System32\Syncor11.dll (SoundMAX)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe - (Adobe Systems Incorporated)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Monitor.lnk - C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe - (SanDisk)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk - C:\Program Files\Quicken\bagent.exe - (Intuit Inc.)
MsConfig - StartUpReg: 19e2513e - hkey= - key= - File not found
MsConfig - StartUpReg: AGRSMMSG - hkey= - key= - C:\WINDOWS\AGRSMMSG.exe (Agere Systems)
MsConfig - StartUpReg: Apoint - hkey= - key= - File not found
MsConfig - StartUpReg: ATIModeChange - hkey= - key= - File not found
MsConfig - StartUpReg: ATIPTA - hkey= - key= - C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
MsConfig - StartUpReg: BM1ad162a2 - hkey= - key= - File not found
MsConfig - StartUpReg: Cpqset - hkey= - key= - C:\Program Files\HPQ\Default Settings\Cpqset.exe ()
MsConfig - StartUpReg: DXDllRegExe - hkey= - key= - File not found
MsConfig - StartUpReg: eabconfg.cpl - hkey= - key= - C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe (Hewlett-Packard )
MsConfig - StartUpReg: HP Software Update - hkey= - key= - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
MsConfig - StartUpReg: HPDJ Taskbar Utility - hkey= - key= - File not found
MsConfig - StartUpReg: HPHmon05 - hkey= - key= - File not found
MsConfig - StartUpReg: HPHUPD05 - hkey= - key= - File not found
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - File not found
MsConfig - StartUpReg: KernelFaultCheck - hkey= - key= - File not found
MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: pccguide.exe - hkey= - key= - File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - File not found
MsConfig - StartUpReg: runner1 - hkey= - key= - File not found
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe ()
MsConfig - StartUpReg: UpdateManager - hkey= - key= - C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 1

SafeBootMin: aawservice - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: aawservice - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.1.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.1.4
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Security Update for Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\INF\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2011/05/18 11:59:58 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\NetworkService\Cookies
[2011/05/18 04:18:12 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Default User\Cookies
[2011/05/17 17:14:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tristan\Application Data\Malwarebytes
[2011/05/17 17:14:27 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/17 17:14:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/17 17:14:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/05/17 17:14:22 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/17 17:14:21 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/17 17:14:00 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/05/17 17:13:45 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2011/05/17 17:13:41 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Tristan\Desktop\mbam-setup-1.50.1.1100.exe
[2011/05/17 17:12:16 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2011/05/17 17:10:04 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2011/05/17 17:07:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/05/17 16:53:01 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2011/05/17 15:50:23 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/05/17 15:49:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2011/05/17 15:49:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/05/17 15:45:38 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/05/17 15:45:38 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/05/17 15:45:38 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/05/17 15:45:38 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/05/17 15:45:08 | 000,000,000 | ---D | C] -- C:\George.exe
[2011/05/17 15:41:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/05/17 15:41:10 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/05/17 13:11:21 | 001,090,912 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\Tyler\Desktop\avg_remover_stf_x86_2011_1184.exe
[2011/05/17 12:14:14 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Tyler\Desktop\OTL.scr
[2011/05/17 12:14:11 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Tyler\Desktop\OTL.exe
[2011/05/17 12:12:59 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\NetworkService\PrivacIE
[2011/05/17 12:12:06 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\NetworkService\IECompatCache
[2011/05/17 12:12:03 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\NetworkService\UserData
[2007/08/31 13:33:24 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/18 12:52:22 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/18 12:51:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/18 12:51:26 | 737,202,176 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/18 11:08:38 | 000,072,736 | ---- | M] () -- C:\WINDOWS\user .exe
[2011/05/18 11:08:38 | 000,072,736 | ---- | M] () -- C:\WINDOWS\services .exe
[2011/05/18 11:04:15 | 000,072,748 | ---- | M] () -- C:\WINDOWS\user .exe
[2011/05/18 11:03:47 | 000,072,752 | ---- | M] () -- C:\WINDOWS\services .exe
[2011/05/18 11:03:26 | 000,072,748 | ---- | M] () -- C:\WINDOWS\user .exe
[2011/05/18 11:03:06 | 000,072,744 | ---- | M] () -- C:\WINDOWS\services .exe
[2011/05/18 11:02:36 | 000,072,744 | ---- | M] () -- C:\WINDOWS\user .exe
[2011/05/18 11:01:59 | 000,072,744 | ---- | M] () -- C:\WINDOWS\services .exe
[2011/05/18 08:12:32 | 000,072,740 | ---- | M] () -- C:\WINDOWS\user .exe
[2011/05/18 08:12:32 | 000,072,740 | ---- | M] () -- C:\WINDOWS\services .exe
[2011/05/18 08:12:04 | 000,072,736 | ---- | M] () -- C:\WINDOWS\services .exe
[2011/05/18 08:12:01 | 000,072,740 | ---- | M] () -- C:\WINDOWS\user .exe
[2011/05/18 08:11:27 | 000,072,736 | ---- | M] () -- C:\WINDOWS\user .exe
[2011/05/18 08:10:49 | 000,072,732 | ---- | M] () -- C:\WINDOWS\user .exe
[2011/05/18 08:10:49 | 000,072,732 | ---- | M] () -- C:\WINDOWS\services .exe
[2011/05/18 04:38:20 | 000,305,216 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/05/18 04:21:27 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/05/18 04:18:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2011/05/17 17:14:28 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/17 17:14:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/17 17:13:51 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Tristan\Desktop\mbam-setup-1.50.1.1100.exe
[2011/05/17 17:08:27 | 000,002,508 | ---- | M] () -- C:\Documents and Settings\Tristan\Application Data\$_hpcst$.hpc
[2011/05/17 17:01:01 | 000,072,736 | ---- | M] () -- C:\WINDOWS\services .exe
[2011/05/17 17:01:01 | 000,072,732 | ---- | M] () -- C:\WINDOWS\user .exe
[2011/05/17 17:00:28 | 000,072,736 | ---- | M] () -- C:\WINDOWS\user .exe
[2011/05/17 16:59:28 | 000,072,732 | ---- | M] () -- C:\WINDOWS\services .exe
[2011/05/17 16:59:27 | 000,072,732 | ---- | M] () -- C:\WINDOWS\services.exe
[2011/05/17 16:59:26 | 000,072,732 | ---- | M] () -- C:\WINDOWS\user.exe
[2011/05/17 16:59:02 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/05/17 15:50:34 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/05/17 14:57:24 | 000,016,316 | ---- | M] () -- C:\WINDOWS\services .exe
[2011/05/17 13:07:14 | 004,350,228 | ---- | M] () -- C:\Documents and Settings\Tyler\Desktop\George.exe.exe
[2011/05/17 11:44:49 | 000,405,878 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/05/17 11:44:49 | 000,066,680 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/05/16 23:02:34 | 001,090,912 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\Tyler\Desktop\avg_remover_stf_x86_2011_1184.exe
[2011/05/16 17:00:26 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\Tyler\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/14 14:50:58 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tyler\Desktop\OTL.scr
[2011/05/14 14:50:32 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tyler\Desktop\OTL.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/17 17:14:28 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/17 17:08:27 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Tristan\Application Data\$_hpcst$.hpc
[2011/05/17 15:50:34 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/05/17 15:50:27 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/05/17 15:45:38 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/05/17 15:45:38 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/05/17 15:45:38 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/05/17 15:45:38 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/05/17 15:45:38 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/05/17 13:17:40 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\Tyler\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/17 13:11:13 | 004,350,228 | ---- | C] () -- C:\Documents and Settings\Tyler\Desktop\George.exe.exe
[2011/04/12 23:05:51 | 000,072,748 | ---- | C] () -- C:\WINDOWS\user .exe
[2011/04/12 23:05:51 | 000,072,748 | ---- | C] () -- C:\WINDOWS\user .exe
[2011/04/12 23:05:51 | 000,072,744 | ---- | C] () -- C:\WINDOWS\user .exe
[2011/04/12 23:05:51 | 000,072,740 | ---- | C] () -- C:\WINDOWS\user .exe
[2011/04/12 23:05:51 | 000,072,740 | ---- | C] () -- C:\WINDOWS\user .exe
[2011/04/12 23:05:51 | 000,072,736 | ---- | C] () -- C:\WINDOWS\user .exe
[2011/04/12 23:05:51 | 000,072,736 | ---- | C] () -- C:\WINDOWS\user .exe
[2011/04/12 23:05:51 | 000,072,736 | ---- | C] () -- C:\WINDOWS\user .exe
[2011/04/12 23:05:51 | 000,072,732 | ---- | C] () -- C:\WINDOWS\user.exe
[2011/04/12 23:05:51 | 000,072,732 | ---- | C] () -- C:\WINDOWS\user .exe
[2011/04/12 23:05:51 | 000,072,732 | ---- | C] () -- C:\WINDOWS\user .exe
[2011/04/12 23:05:51 | 000,016,220 | ---- | C] () -- C:\WINDOWS\user .exe
[2011/04/12 22:50:44 | 000,072,736 | ---- | C] () -- C:\WINDOWS\spoolsv .exe
[2011/04/12 22:50:44 | 000,072,728 | ---- | C] () -- C:\WINDOWS\iexplarer .exe
[2011/04/12 22:48:02 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\57c77O8q.dat
[2011/04/12 22:44:40 | 000,072,728 | ---- | C] () -- C:\WINDOWS\avp .exe
[2011/04/12 22:44:37 | 000,072,752 | ---- | C] () -- C:\WINDOWS\services .exe
[2011/04/12 22:44:37 | 000,072,744 | ---- | C] () -- C:\WINDOWS\services .exe
[2011/04/12 22:44:37 | 000,072,744 | ---- | C] () -- C:\WINDOWS\services .exe
[2011/04/12 22:44:37 | 000,072,740 | ---- | C] () -- C:\WINDOWS\services .exe
[2011/04/12 22:44:37 | 000,072,736 | ---- | C] () -- C:\WINDOWS\services .exe
[2011/04/12 22:44:37 | 000,072,736 | ---- | C] () -- C:\WINDOWS\services .exe
[2011/04/12 22:44:37 | 000,072,736 | ---- | C] () -- C:\WINDOWS\services .exe
[2011/04/12 22:44:37 | 000,072,732 | ---- | C] () -- C:\WINDOWS\services.exe
[2011/04/12 22:44:37 | 000,072,732 | ---- | C] () -- C:\WINDOWS\services .exe
[2011/04/12 22:44:37 | 000,072,732 | ---- | C] () -- C:\WINDOWS\services .exe
[2011/04/12 22:44:37 | 000,016,316 | ---- | C] () -- C:\WINDOWS\services .exe
[2011/04/12 22:44:36 | 000,100,000 | -H-- | C] () -- C:\WINDOWS\mdm.exe
[2011/04/12 22:44:36 | 000,072,728 | ---- | C] () -- C:\WINDOWS\avp32 .exe
[2009/10/27 22:05:58 | 000,002,500 | ---- | C] () -- C:\Documents and Settings\Tammy\Application Data\evpro32.prf
[2008/12/14 22:57:12 | 000,000,058 | ---- | C] () -- C:\WINDOWS\OSA.INI
[2008/09/27 22:17:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\muveeapp.INI
[2008/08/30 21:15:49 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Tyler\Application Data\$_hpcst$.hpc
[2008/08/20 11:30:54 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2008/06/19 15:18:21 | 000,036,864 | ---- | C] () -- C:\WINDOWS\hpfsched.exe
[2008/06/19 15:18:09 | 000,004,760 | ---- | C] () -- C:\WINDOWS\hphmdl11.dat
[2008/06/19 13:55:48 | 000,000,240 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/05/16 12:58:04 | 000,012,632 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2008/05/02 15:25:01 | 000,000,000 | ---- | C] () -- C:\Program Files\temp01
[2008/03/12 18:31:21 | 000,000,294 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/03/08 00:18:59 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\$_hpcst$.hpc
[2008/03/08 00:12:03 | 000,691,545 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2008/03/08 00:12:03 | 000,002,551 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2008/01/06 21:43:05 | 000,130,971 | ---- | C] () -- C:\WINDOWS\hpoins12.dat
[2008/01/06 21:43:05 | 000,001,470 | ---- | C] () -- C:\WINDOWS\hpomdl12.dat
[2007/06/21 15:46:18 | 000,007,680 | ---- | C] () -- C:\Documents and Settings\Tammy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/06/20 13:07:30 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Tammy\Application Data\$_hpcst$.hpc
[2007/05/24 12:22:23 | 000,003,653 | ---- | C] () -- C:\Documents and Settings\Tammy\r
[2007/03/29 15:00:49 | 000,001,778 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/11/01 08:47:43 | 000,003,472 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2006/09/08 11:34:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2006/08/18 14:21:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2006/07/05 10:40:25 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2005/06/25 15:37:25 | 000,000,094 | ---- | C] () -- C:\WINDOWS\Pro.INI
[2005/06/25 15:36:36 | 000,000,012 | ---- | C] () -- C:\WINDOWS\System32\BigKey.dll
[2005/06/25 15:35:42 | 000,225,792 | ---- | C] () -- C:\WINDOWS\System32\imgman30.dll
[2005/06/25 15:35:39 | 000,100,352 | ---- | C] () -- C:\WINDOWS\System32\pg32conv.dll
[2005/04/30 13:24:42 | 000,002,254 | ---- | C] () -- C:\WINDOWS\hpdj3740.ini
[2005/04/11 11:50:41 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Tammy\Local Settings\Application Data\fusioncache.dat
[2005/04/04 16:22:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2004/08/25 05:44:10 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/08/25 05:01:35 | 000,006,848 | ---- | C] () -- C:\WINDOWS\System32\hphmon05.dat
[2004/08/25 05:01:22 | 000,018,403 | ---- | C] () -- C:\WINDOWS\HPHins01.dat
[2004/08/25 05:01:22 | 000,004,308 | ---- | C] () -- C:\WINDOWS\hphmdl01.dat
[2004/08/25 04:54:31 | 000,038,867 | ---- | C] () -- C:\WINDOWS\hpomdl03.dat
[2004/08/25 04:54:31 | 000,029,116 | ---- | C] () -- C:\WINDOWS\hpoins03.dat
[2004/08/25 04:48:37 | 000,000,912 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2004/08/25 04:32:17 | 000,000,137 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/08/25 03:51:17 | 000,028,779 | ---- | C] () -- C:\WINDOWS\System32\javaw.exe
[2004/08/25 03:51:17 | 000,024,681 | ---- | C] () -- C:\WINDOWS\System32\java.exe
[2004/08/25 03:50:19 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2004/08/07 09:16:54 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/07 09:16:44 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/07 09:10:30 | 000,405,878 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/07 09:10:30 | 000,066,680 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/07 09:10:08 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/07 09:02:54 | 000,305,216 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/07 08:57:54 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/07 08:54:58 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/04 04:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 04:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 04:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 04:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 04:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 04:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 04:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 04:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/03/25 18:53:08 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2004/03/25 18:53:04 | 000,397,312 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.exe
[2004/03/17 09:12:48 | 000,000,362 | ---- | C] () -- C:\WINDOWS\hpfins_s04_main.dat
[2004/03/17 09:11:51 | 000,005,428 | ---- | C] () -- C:\WINDOWS\hpfmdl_s04_main.dat
[2004/01/09 07:22:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/01/07 17:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/05/28 04:55:42 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/05/28 04:54:40 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[1998/04/15 11:29:38 | 000,000,429 | ---- | C] () -- C:\WINDOWS\System32\hspell.ini

========== LOP Check ==========

[2011/02/21 13:01:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\whitesmoketoolbar
[2008/05/02 15:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\Big Fish Games
[2006/09/15 12:47:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\Common Files
[2008/04/23 12:29:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\GameHouse
[2005/04/04 15:58:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\Leadertech
[2008/05/08 11:32:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\Restorer
[2008/08/20 11:38:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\Sudden Games
[2010/04/16 00:29:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\TaxCut
[2005/04/10 10:10:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\Template
[2011/04/12 22:41:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tammy\Application Data\whitesmoketoolbar
[2008/09/27 21:59:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tyler\Application Data\InterVideo
[2011/05/17 11:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tyler\Application Data\whitesmoketoolbar
[2008/05/22 10:57:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Astar Games
[2011/05/17 15:41:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/02/21 01:28:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2008/06/27 14:33:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EscapeTheMuseum
[2008/06/06 16:19:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JollyBear
[2011/02/21 01:01:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2004/08/25 04:35:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2009/01/26 22:48:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2009/01/27 18:34:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Raize
[2007/11/09 13:49:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpinTop Games
[2010/04/15 19:39:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TaxCut
[2011/02/21 00:02:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/12/09 01:56:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[1998/10/07 18:15:56 | 000,122,832 | ---- | M] () -- C:\UNWISE.EXE
[1 C:\*.tmp files -> C:\*.tmp -> ]


< MD5 for: EXPLORER.EXE >
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007/06/13 07:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004/08/04 04:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

< MD5 for: SVCHOST.EXE >
[2008/04/13 20:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008/04/13 20:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 20:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2004/08/04 04:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/04 04:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 20:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: VOLSNAP.IN_ >
[2004/08/04 09:00:00 | 000,000,698 | ---- | M] () MD5=62C53D73B499DF617902EEA3C96F7D89 -- C:\I386\VOLSNAP.IN_

< MD5 for: VOLSNAP.INF >
[2004/08/04 04:00:00 | 000,001,095 | ---- | M] () MD5=1C43F4D998567C9D2463E18669F33A3C -- C:\WINDOWS\inf\volsnap.inf

< MD5 for: VOLSNAP.PNF >
[2004/08/25 02:29:09 | 000,004,964 | ---- | M] () MD5=9E0039CBC0870983D0F9506BAE90DB58 -- C:\WINDOWS\inf\volsnap.PNF

< MD5 for: VOLSNAP.SY_ >
[2004/08/04 09:00:00 | 000,025,390 | ---- | M] () MD5=E021CFE0CAD70AC0F44999A892CBB9C5 -- C:\I386\VOLSNAP.SY_

< MD5 for: VOLSNAP.SYS >
[2008/04/13 14:41:01 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=4C8FCB5CC53AAB716D810740FE59D025 -- C:\WINDOWS\ServicePackFiles\i386\volsnap.sys
[2008/04/13 14:41:01 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=4C8FCB5CC53AAB716D810740FE59D025 -- C:\WINDOWS\system32\drivers\volsnap.sys
[2004/08/04 04:00:00 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=EE4660083DEBA849FF6C485D944B379B -- C:\WINDOWS\$NtServicePackUninstall$\volsnap.sys

< MD5 for: WINLOGON.EXE >
[2004/08/04 04:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/02/18 07:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/02/18 07:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/02/18 07:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2009/03/08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/02/18 07:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/02/18 07:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/02/18 07:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2009/03/08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

< CREATERESTOREPOINT >



========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BD9F7E4E
@Alternate Data Stream - 96 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ED810E46
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7290F122
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E5294695
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D055FC10
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C0A9D0E7
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:85C3B823
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9ACB70D7
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:90D89144
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D31BE97C
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:43301D1D
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:70E897B5
< End of report >
  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lots to kill here - you had whitesmoke as the main infector

Start OTLPE as you did previously from CD
Copy the attached Fix.txt to a USB
[attachment=50149:fix.txt]
  • Insert your USB drive with fix.txt on it
  • Start OTLPE
  • Drag and drop fix.txt into the Custom scans and fixes box
  • If you cannot drag and drop for some reason. Then press the Run Fix button and a dialogue box will pop up asking for the location - select the file on your USB drive
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done to normal mode if possible
  • Then post a new OTL log ( don't check the boxes beside LOP Check or Purity this time )

  • 0

#9
tammy111

tammy111

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
OTL logfile created on: 5/18/2011 2:55:26 PM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

703.00 Mb Total Physical Memory | 401.00 Mb Available Physical Memory | 57.00% Memory free
647.00 Mb Paging File | 464.00 Mb Available in Paging File | 72.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.25 Gb Total Space | 14.41 Gb Free Space | 38.67% Space Free | Partition Type: NTFS
Drive D: | 62.77 Mb Total Space | 56.75 Mb Free Space | 90.42% Space Free | Partition Type: FAT
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand] -- -- (AppMgmt)
SRV - [2008/06/19 12:51:03 | 000,611,664 | ---- | M] (Lavasoft) [Auto] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
SRV - [2004/08/05 20:23:10 | 000,308,352 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe -- (SymWSC)
SRV - [2002/09/20 18:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand] -- -- (PalmUSBD)
DRV - File not found [Kernel | On_Demand] -- -- (muIO)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- -- (catchme)
DRV - [2004/08/25 05:03:28 | 000,043,672 | ---- | M] (Oak Technology Inc.) [Kernel | System] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/08/04 14:05:20 | 000,341,760 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004/04/14 13:52:22 | 000,005,632 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\atiide.sys -- (atiide)
DRV - [2004/04/14 11:36:50 | 000,007,432 | ---- | M] (Hewlett-Packard Company) [Kernel | System] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2004/03/25 18:54:24 | 000,680,960 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2003/10/30 09:40:56 | 001,205,324 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2003/10/23 11:11:00 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2003/10/07 23:40:00 | 000,094,601 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2003/06/06 15:46:16 | 000,005,220 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2003/04/23 11:06:40 | 000,013,174 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\atisgkaf.SYS -- (caboagp)
DRV - [2001/08/17 03:10:28 | 000,035,913 | ---- | M] (SMC) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.whitesmok.../?cfg=2-267-0-0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...ilion&pf=laptop
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0




IE - HKU\Tammy_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Tammy_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Tammy_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\Tammy_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://myclearsearch.com/
IE - HKU\Tammy_ON_C\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKU\Tammy_ON_C\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =

IE - HKU\Tristan_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...ilion&pf=laptop
IE - HKU\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =

IE - HKU\Tyler_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Tyler_ON_C\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



O1 HOSTS File: ([2011/05/17 16:59:02 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKU\Administrator_ON_C\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\Tammy_ON_C\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\Tammy_ON_C\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\Tammy_ON_C\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\Tristan_ON_C\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\Tristan_ON_C\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\Tyler_ON_C\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\Tyler_ON_C\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\Tyler_ON_C\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4 - HKLM..\Run: [Apoint] File not found
O4 - HKLM..\Run: [AppleSyncNotifier] File not found
O4 - HKLM..\Run: [HNUjcIXnb] File not found
O4 - HKLM..\Run: [HNUjcIXnd] File not found
O4 - HKLM..\Run: [HNUjcIXnf6] File not found
O4 - HKLM..\Run: [HNUjcIXnflc] File not found
O4 - HKLM..\Run: [HNUjcIXnfp] File not found
O4 - HKLM..\Run: [HNUjcIXnfQ] File not found
O4 - HKLM..\Run: [HNUjcIXngqc] File not found
O4 - HKLM..\Run: [HNUjcIXngqgc] File not found
O4 - HKLM..\Run: [HNUjcIXngqgK] File not found
O4 - HKLM..\Run: [HNUjcIXngqj] File not found
O4 - HKLM..\Run: [HNUjcIXno1] File not found
O4 - HKLM..\Run: [HNUjcIXnoc] File not found
O4 - HKLM..\Run: [HNUjcIXnqe] File not found
O4 - HKLM..\Run: [HNUjcIXnrc] File not found
O4 - HKLM..\Run: [HNUjcIXnrH0] File not found
O4 - HKLM..\Run: [HNUjcIXnrHj] File not found
O4 - HKLM..\Run: [HNUjcIXnrHK] File not found
O4 - HKLM..\Run: [HNUjcIXnsb] File not found
O4 - HKLM..\Run: [HNUjcIXnsw0] File not found
O4 - HKLM..\Run: [HNUjcIXnswj] File not found
O4 - HKLM..\Run: [HNUjcIXnswK] File not found
O4 - HKLM..\Run: [HNUjcIXnt2] File not found
O4 - HKLM..\Run: [HNUjcIXntd0] File not found
O4 - HKLM..\Run: [HNUjcIXntdc] File not found
O4 - HKLM..\Run: [HNUjcIXntdg0] File not found
O4 - HKLM..\Run: [HNUjcIXntdgc] File not found
O4 - HKLM..\Run: [HNUjcIXntdgj] File not found
O4 - HKLM..\Run: [HNUjcIXntdj] File not found
O4 - HKLM..\Run: [HNUjcIXntdK] File not found
O4 - HKLM..\Run: [HNUjcIXnte] File not found
O4 - HKLM..\Run: [HNUjcIXntg] File not found
O4 - HKLM..\Run: [HNUjcIXntI] File not found
O4 - HKLM..\Run: [HNUjcIXntz0] File not found
O4 - HKLM..\Run: [HNUjcIXntzgc] File not found
O4 - HKLM..\Run: [HNUjcIXntzj] File not found
O4 - HKLM..\Run: [HNUjcIXnVc] File not found
O4 - HKLM..\Run: [HNUjcIXnVg0] File not found
O4 - HKLM..\Run: [HNUjcIXnVgj] File not found
O4 - HKLM..\Run: [HNUjcIXnVgK] File not found
O4 - HKLM..\Run: [HNUjcIXnVK] File not found
O4 - HKLM..\Run: [HNUjcIXnw0c] File not found
O4 - HKLM..\Run: [HNUjcIXnw3] File not found
O4 - HKLM..\Run: [HNUjcIXnwd0] File not found
O4 - HKLM..\Run: [HNUjcIXnwe] File not found
O4 - HKLM..\Run: [HNUjcIXnwg] File not found
O4 - HKLM..\Run: [HNUjcIXnX0] File not found
O4 - HKLM..\Run: [HNUjcIXnXg0] File not found
O4 - HKLM..\Run: [HNUjcIXnXgc] File not found
O4 - HKLM..\Run: [HNUjcIXnXgg0] File not found
O4 - HKLM..\Run: [HNUjcIXnXggc] File not found
O4 - HKLM..\Run: [HNUjcIXnXggg0] File not found
O4 - HKLM..\Run: [HNUjcIXnXgggc] File not found
O4 - HKLM..\Run: [HNUjcIXnXgggj] File not found
O4 - HKLM..\Run: [HNUjcIXnXgggK] File not found
O4 - HKLM..\Run: [HNUjcIXnXggj] File not found
O4 - HKLM..\Run: [HNUjcIXnXggK] File not found
O4 - HKLM..\Run: [HNUjcIXnXgj] File not found
O4 - HKLM..\Run: [HNUjcIXnXgK] File not found
O4 - HKLM..\Run: [HNUjcIXnXj] File not found
O4 - HKLM..\Run: [HNUjcIXnXK] File not found
O4 - HKLM..\Run: [HNUjcIXnY] File not found
O4 - HKLM..\Run: [HNUjcIXnZ0] File not found
O4 - HKLM..\Run: [HNUjcIXnZj] File not found
O4 - HKLM..\Run: [HNUjcIXnZK] File not found
O4 - HKLM..\Run: [HNUnaIXnb] File not found
O4 - HKLM..\Run: [HNUnaIXnd] File not found
O4 - HKLM..\Run: [HNUnaIXneP] File not found
O4 - HKLM..\Run: [HNUnaIXnf6] File not found
O4 - HKLM..\Run: [HNUnaIXnfQ] File not found
O4 - HKLM..\Run: [HNUnaIXnrc] File not found
O4 - HKLM..\Run: [HNUnaIXnrHc] File not found
O4 - HKLM..\Run: [HNUnaIXnrHK] File not found
O4 - HKLM..\Run: [HNUnaIXnrK] File not found
O4 - HKLM..\Run: [HNUnaIXnsb] File not found
O4 - HKLM..\Run: [HNUnaIXnsd] File not found
O4 - HKLM..\Run: [HNUnaIXnsF] File not found
O4 - HKLM..\Run: [HNUnaIXnsZc] File not found
O4 - HKLM..\Run: [HNUnaIXnuf] File not found
O4 - HKLM..\Run: [HNUnaIXnus0] File not found
O4 - HKLM..\Run: [HNUnaIXnusc] File not found
O4 - HKLM..\Run: [HNUnaIXnusj] File not found
O4 - HKLM..\Run: [HNUnaIXnusK] File not found
O4 - HKLM..\Run: [HNUnaIXnvc] File not found
O4 - HKLM..\Run: [HNUnaIXnvZ] File not found
O4 - HKLM..\Run: [HNUnaIXnwdc] File not found
O4 - HKLM..\Run: [HNUnaIXnwg] File not found
O4 - HKLM..\Run: [HNUnaIXnwpc] File not found
O4 - HKLM..\Run: [HNUnaIXnwpK] File not found
O4 - HKLM..\Run: [HNUnaIXnxb] File not found
O4 - HKLM..\Run: [HNUnaIXnXc] File not found
O4 - HKLM..\Run: [HNUnaIXnXK] File not found
O4 - HKLM..\Run: [HNUnaIXnz9] File not found
O4 - HKLM..\Run: [HNUnaIXnZc] File not found
O4 - HKLM..\Run: [HNUnaIXnzZ] File not found
O4 - HKLM..\Run: [iTunesHelper] File not found
O4 - HKLM..\Run: [MKaH] File not found
O4 - HKLM..\Run: [MKaoc] File not found
O4 - HKLM..\Run: [MKaoK] File not found
O4 - HKLM..\Run: [MKaZ] File not found
O4 - HKLM..\Run: [MKbta] File not found
O4 - HKLM..\Run: [MKbuq0] File not found
O4 - HKLM..\Run: [MKbuqc] File not found
O4 - HKLM..\Run: [MKbuqj] File not found
O4 - HKLM..\Run: [MKdw+] File not found
O4 - HKLM..\Run: [MKea0] C:\WINDOWS\user .exe ()
O4 - HKLM..\Run: [MKeac] C:\WINDOWS\user .exe ()
O4 - HKLM..\Run: [MKeag0] C:\WINDOWS\user .exe ()
O4 - HKLM..\Run: [MKeagc] C:\WINDOWS\user .exe ()
O4 - HKLM..\Run: [MKeaggc] C:\WINDOWS\user .exe ()
O4 - HKLM..\Run: [MKeaggK] C:\WINDOWS\user .exe ()
O4 - HKLM..\Run: [MKeagj] C:\WINDOWS\user .exe ()
O4 - HKLM..\Run: [MKeagK] C:\WINDOWS\user .exe ()
O4 - HKLM..\Run: [MKeaj] C:\WINDOWS\user .exe ()
O4 - HKLM..\Run: [MKeaK] C:\WINDOWS\user .exe ()
O4 - HKLM..\Run: [MKee] C:\WINDOWS\user.exe ()
O4 - HKLM..\Run: [MKerb] File not found
O4 - HKLM..\Run: [MKeta] C:\WINDOWS\services.exe ()
O4 - HKLM..\Run: [MKetW0] C:\WINDOWS\services .exe ()
O4 - HKLM..\Run: [MKetWc] C:\WINDOWS\services .exe ()
O4 - HKLM..\Run: [MKetWg0] C:\WINDOWS\services .exe ()
O4 - HKLM..\Run: [MKetWgc] C:\WINDOWS\services .exe ()
O4 - HKLM..\Run: [MKetWggc] C:\WINDOWS\services .exe ()
O4 - HKLM..\Run: [MKetWgj] C:\WINDOWS\services .exe ()
O4 - HKLM..\Run: [MKetWgK] C:\WINDOWS\services .exe ()
O4 - HKLM..\Run: [MKetWj] C:\WINDOWS\services .exe ()
O4 - HKLM..\Run: [MKetWK] C:\WINDOWS\services .exe ()
O4 - HKLM..\Run: [MKeuf] File not found
O4 - HKLM..\Run: [MKeuK0] File not found
O4 - HKLM..\Run: [MKeuKj] File not found
O4 - HKLM..\Run: [MKewe] File not found
O4 - HKLM..\Run: [MKexe] File not found
O4 - HKLM..\Run: [MKfa] File not found
O4 - HKLM..\Run: [MKfPc] File not found
O4 - HKLM..\Run: [MKfpe] File not found
O4 - HKLM..\Run: [MKfpI] File not found
O4 - HKLM..\Run: [MKfPK] File not found
O4 - HKLM..\Run: [MKfre] File not found
O4 - HKLM..\Run: [MKfrJc] File not found
O4 - HKLM..\Run: [MKfrJK] File not found
O4 - HKLM..\Run: [MKfrN] File not found
O4 - HKLM..\Run: [MKZe] File not found
O4 - HKLM..\Run: [MKZJ0] File not found
O4 - HKLM..\Run: [MKZJj] File not found
O4 - HKLM..\Run: [MKZS0] File not found
O4 - HKLM..\Run: [MKZSc] File not found
O4 - HKLM..\Run: [MKZSg0] File not found
O4 - HKLM..\Run: [MKZSgc] File not found
O4 - HKLM..\Run: [MKZSgK] File not found
O4 - HKLM..\Run: [MKZSj] File not found
O4 - HKLM..\Run: [QuickTime Task] File not found
O4 - HKU\Tammy_ON_C..\Run: [BackupNotify] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnb] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnd] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnf6] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnfQ] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXngqc] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnoc] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnqe] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnrc] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnsb] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnt2] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXntd0] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXntdc] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXntdgc] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXntdj] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXntdK] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnte] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXntg] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXntI] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnVc] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnVK] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnwe] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnwg] File not found
O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnY] File not found
O4 - HKU\Tammy_ON_C..\Run: [MKbuqc] File not found
O4 - HKU\Tammy_ON_C..\Run: [MKeuf] File not found
O4 - HKU\Tammy_ON_C..\Run: [MKfa] File not found
O4 - HKU\Tammy_ON_C..\Run: [MKZe] File not found
O4 - HKU\Tammy_ON_C..\Run: [MKZSc] File not found
O4 - HKU\Tammy_ON_C..\Run: [RecordNow!] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUjcIXnqe] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUjcIXnVgj] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnf6] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnrHc] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnrHK] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnrK] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnsF] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnsZc] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnus0] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnusj] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnusK] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnwdc] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnwpK] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnXc] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnXK] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnz9] File not found
O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnZc] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKaH] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKaoK] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKbta] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKdw+] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKea0] C:\WINDOWS\user .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKeac] C:\WINDOWS\user .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKeag0] C:\WINDOWS\user .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKeagc] C:\WINDOWS\user .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKeaggc] C:\WINDOWS\user .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKeaggK] C:\WINDOWS\user .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKeagj] C:\WINDOWS\user .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKeagK] C:\WINDOWS\user .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKeaj] C:\WINDOWS\user .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKeaK] C:\WINDOWS\user .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKee] C:\WINDOWS\user.exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKerb] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKeta] C:\WINDOWS\services.exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKetW0] C:\WINDOWS\services .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKetWc] C:\WINDOWS\services .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKetWg0] C:\WINDOWS\services .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKetWgc] C:\WINDOWS\services .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKetWggc] C:\WINDOWS\services .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKetWgj] C:\WINDOWS\services .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKetWgK] C:\WINDOWS\services .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKetWj] C:\WINDOWS\services .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKetWK] C:\WINDOWS\services .exe ()
O4 - HKU\Tristan_ON_C..\Run: [MKewe] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKexe] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKfa] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKfpe] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKfpI] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKfPK] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKfre] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKfrJc] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKfrJK] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKfrN] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKZSg0] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKZSgc] File not found
O4 - HKU\Tristan_ON_C..\Run: [MKZSgK] File not found
O4 - HKU\Tristan_ON_C..\Run: [RecordNow!] File not found
O4 - HKU\Tyler_ON_C..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe ()
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnflc] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnfp] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXngqgc] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXngqgK] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXngqj] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXno1] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnqe] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnrH0] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnrHj] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnrHK] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnsw0] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnswj] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnswK] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXntdg0] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXntdgj] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXntz0] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXntzgc] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXntzj] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnVg0] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnVgK] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnw0c] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnw3] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnwd0] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnX0] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXg0] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXgc] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXgg0] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXggc] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXggg0] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXgggc] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXgggj] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXgggK] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXggj] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXggK] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXgj] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXgK] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXj] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXK] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnZ0] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnZj] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnZK] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnb] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnd] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXneP] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnfQ] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnrc] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnsb] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnsd] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnuf] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnusc] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnvc] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnvZ] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnwg] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnwpc] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnxb] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnz9] File not found
O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnzZ] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKaoc] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKaZ] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKbuq0] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKbuqj] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKdw+] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKerb] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKeta] C:\WINDOWS\services.exe ()
O4 - HKU\Tyler_ON_C..\Run: [MKeuK0] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKeuKj] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKewe] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKexe] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKfa] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKfPc] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKZJ0] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKZJj] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKZS0] File not found
O4 - HKU\Tyler_ON_C..\Run: [MKZSj] File not found
O4 - HKU\Tyler_ON_C..\Run: [RecordNow!] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Tammy_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Tammy_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\Tammy_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\Tristan_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\Tristan_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Tristan_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\Tristan_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\Tristan_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\Tyler_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Tyler_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\Tyler_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.55.5.10 209.55.5.11
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll ()
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/18 11:59:58 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\NetworkService\Cookies
[2011/05/18 04:18:12 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Default User\Cookies
[2011/05/17 17:14:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tristan\Application Data\Malwarebytes
[2011/05/17 17:14:27 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/17 17:14:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/17 17:14:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/05/17 17:14:22 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/17 17:14:21 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/17 17:14:00 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/05/17 17:13:45 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2011/05/17 17:13:41 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Tristan\Desktop\mbam-setup-1.50.1.1100.exe
[2011/05/17 17:12:16 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2011/05/17 17:10:04 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2011/05/17 17:07:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/05/17 16:53:01 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2011/05/17 15:50:23 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/05/17 15:49:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2011/05/17 15:49:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/05/17 15:45:38 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/05/17 15:45:38 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/05/17 15:45:38 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/05/17 15:45:38 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/05/17 15:45:08 | 000,000,000 | ---D | C] -- C:\George.exe
[2011/05/17 15:41:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/05/17 15:41:10 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/05/17 13:11:21 | 001,090,912 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\Tyler\Desktop\avg_remover_stf_x86_2011_1184.exe
[2011/05/17 12:14:14 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Tyler\Desktop\OTL.scr
[2011/05/17 12:14:11 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Tyler\Desktop\OTL.exe
[2011/05/17 12:12:59 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\NetworkService\PrivacIE
[2011/05/17 12:12:06 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\NetworkService\IECompatCache
[2011/05/17 12:12:03 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\NetworkService\UserData
[2007/08/31 13:33:24 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/18 12:52:22 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/18 12:51:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/18 12:51:26 | 737,202,176 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/18 11:08:38 | 000,072,736 | ---- | M] () -- C:\WINDOWS\user .exe
[2011/05/18 11:08:38 | 000,072,736 | ---- | M] () -- C:\WINDOWS\services .exe
[2011/05/18 11:04:15 | 000,072,748 | ---- | M] () -- C:\WINDOWS\user .exe
[2011/05/18 11:03:47 | 000,072,752 | ---- | M] () -- C:\WINDOWS\services .exe
[2011/05/18 11:03:26 | 000,072,748 | ---- | M] () -- C:\WINDOWS\user .exe
[2011/05/18 11:03:06 | 000,072,744 | ---- | M] () -- C:\WINDOWS\services .exe
[2011/05/18 11:02:36 | 000,072,744 | ---- | M] () -- C:\WINDOWS\user .exe
[2011/05/18 11:01:59 | 000,072,744 | ---- | M] () -- C:\WINDOWS\services .exe
[2011/05/18 08:12:32 | 000,072,740 | ---- | M] () -- C:\WINDOWS\user .exe
[2011/05/18 08:12:32 | 000,072,740 | ---- | M] () -- C:\WINDOWS\services .exe
[2011/05/18 08:12:04 | 000,072,736 | ---- | M] () -- C:\WINDOWS\services .exe
[2011/05/18 08:12:01 | 000,072,740 | ---- | M] () -- C:\WINDOWS\user .exe
[2011/05/18 08:11:27 | 000,072,736 | ---- | M] () -- C:\WINDOWS\user .exe
[2011/05/18 08:10:49 | 000,072,732 | ---- | M] () -- C:\WINDOWS\user .exe
[2011/05/18 08:10:49 | 000,072,732 | ---- | M] () -- C:\WINDOWS\services .exe
[2011/05/18 04:38:20 | 000,305,216 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/05/18 04:21:27 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/05/18 04:18:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2011/05/17 17:14:28 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/17 17:14:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/17 17:13:51 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Tristan\Desktop\mbam-setup-1.50.1.1100.exe
[2011/05/17 17:08:27 | 000,002,508 | ---- | M] () -- C:\Documents and Settings\Tristan\Application Data\$_hpcst$.hpc
[2011/05/17 17:01:01 | 000,072,736 | ---- | M] () -- C:\WINDOWS\services .exe
[2011/05/17 17:01:01 | 000,072,732 | ---- | M] () -- C:\WINDOWS\user .exe
[2011/05/17 17:00:28 | 000,072,736 | ---- | M] () -- C:\WINDOWS\user .exe
[2011/05/17 16:59:28 | 000,072,732 | ---- | M] () -- C:\WINDOWS\services .exe
[2011/05/17 16:59:27 | 000,072,732 | ---- | M] () -- C:\WINDOWS\services.exe
[2011/05/17 16:59:26 | 000,072,732 | ---- | M] () -- C:\WINDOWS\user.exe
[2011/05/17 16:59:02 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/05/17 15:50:34 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/05/17 14:57:24 | 000,016,316 | ---- | M] () -- C:\WINDOWS\services .exe
[2011/05/17 13:07:14 | 004,350,228 | ---- | M] () -- C:\Documents and Settings\Tyler\Desktop\George.exe.exe
[2011/05/17 11:44:49 | 000,405,878 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/05/17 11:44:49 | 000,066,680 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/05/16 23:02:34 | 001,090,912 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\Tyler\Desktop\avg_remover_stf_x86_2011_1184.exe
[2011/05/16 17:00:26 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\Tyler\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/14 14:50:58 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tyler\Desktop\OTL.scr
[2011/05/14 14:50:32 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tyler\Desktop\OTL.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/17 17:14:28 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/17 17:08:27 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Tristan\Application Data\$_hpcst$.hpc
[2011/05/17 15:50:34 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/05/17 15:50:27 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/05/17 15:45:38 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/05/17 15:45:38 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/05/17 15:45:38 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/05/17 15:45:38 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/05/17 15:45:38 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/05/17 13:17:40 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\Tyler\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/17 13:11:13 | 004,350,228 | ---- | C] () -- C:\Documents and Settings\Tyler\Desktop\George.exe.exe
[2011/04/12 23:05:51 | 000,072,748 | ---- | C] () -- C:\WINDOWS\user .exe
[2011/04/12 23:05:51 | 000,072,748 | ---- | C] () -- C:\WINDOWS\user .exe
[2011/04/12 23:05:51 | 000,072,744 | ---- | C] () -- C:\WINDOWS\user .exe
[2011/04/12 23:05:51 | 000,072,740 | ---- | C] () -- C:\WINDOWS\user .exe
[2011/04/12 23:05:51 | 000,072,740 | ---- | C] () -- C:\WINDOWS\user .exe
[2011/04/12 23:05:51 | 000,072,736 | ---- | C] () -- C:\WINDOWS\user .exe
[2011/04/12 23:05:51 | 000,072,736 | ---- | C] () -- C:\WINDOWS\user .exe
[2011/04/12 23:05:51 | 000,072,736 | ---- | C] () -- C:\WINDOWS\user .exe
[2011/04/12 23:05:51 | 000,072,732 | ---- | C] () -- C:\WINDOWS\user.exe
[2011/04/12 23:05:51 | 000,072,732 | ---- | C] () -- C:\WINDOWS\user .exe
[2011/04/12 23:05:51 | 000,072,732 | ---- | C] () -- C:\WINDOWS\user .exe
[2011/04/12 23:05:51 | 000,016,220 | ---- | C] () -- C:\WINDOWS\user .exe
[2011/04/12 22:50:44 | 000,072,736 | ---- | C] () -- C:\WINDOWS\spoolsv .exe
[2011/04/12 22:50:44 | 000,072,728 | ---- | C] () -- C:\WINDOWS\iexplarer .exe
[2011/04/12 22:48:02 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\57c77O8q.dat
[2011/04/12 22:44:40 | 000,072,728 | ---- | C] () -- C:\WINDOWS\avp .exe
[2011/04/12 22:44:37 | 000,072,752 | ---- | C] () -- C:\WINDOWS\services .exe
[2011/04/12 22:44:37 | 000,072,744 | ---- | C] () -- C:\WINDOWS\services .exe
[2011/04/12 22:44:37 | 000,072,744 | ---- | C] () -- C:\WINDOWS\services .exe
[2011/04/12 22:44:37 | 000,072,740 | ---- | C] () -- C:\WINDOWS\services .exe
[2011/04/12 22:44:37 | 000,072,736 | ---- | C] () -- C:\WINDOWS\services .exe
[2011/04/12 22:44:37 | 000,072,736 | ---- | C] () -- C:\WINDOWS\services .exe
[2011/04/12 22:44:37 | 000,072,736 | ---- | C] () -- C:\WINDOWS\services .exe
[2011/04/12 22:44:37 | 000,072,732 | ---- | C] () -- C:\WINDOWS\services.exe
[2011/04/12 22:44:37 | 000,072,732 | ---- | C] () -- C:\WINDOWS\services .exe
[2011/04/12 22:44:37 | 000,072,732 | ---- | C] () -- C:\WINDOWS\services .exe
[2011/04/12 22:44:37 | 000,016,316 | ---- | C] () -- C:\WINDOWS\services .exe
[2011/04/12 22:44:36 | 000,100,000 | -H-- | C] () -- C:\WINDOWS\mdm.exe
[2011/04/12 22:44:36 | 000,072,728 | ---- | C] () -- C:\WINDOWS\avp32 .exe
[2009/10/27 22:05:58 | 000,002,500 | ---- | C] () -- C:\Documents and Settings\Tammy\Application Data\evpro32.prf
[2008/12/14 22:57:12 | 000,000,058 | ---- | C] () -- C:\WINDOWS\OSA.INI
[2008/09/27 22:17:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\muveeapp.INI
[2008/08/30 21:15:49 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Tyler\Application Data\$_hpcst$.hpc
[2008/08/20 11:30:54 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2008/06/19 15:18:21 | 000,036,864 | ---- | C] () -- C:\WINDOWS\hpfsched.exe
[2008/06/19 15:18:09 | 000,004,760 | ---- | C] () -- C:\WINDOWS\hphmdl11.dat
[2008/06/19 13:55:48 | 000,000,240 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/05/16 12:58:04 | 000,012,632 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2008/05/02 15:25:01 | 000,000,000 | ---- | C] () -- C:\Program Files\temp01
[2008/03/12 18:31:21 | 000,000,294 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/03/08 00:18:59 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\$_hpcst$.hpc
[2008/03/08 00:12:03 | 000,691,545 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2008/03/08 00:12:03 | 000,002,551 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2008/01/06 21:43:05 | 000,130,971 | ---- | C] () -- C:\WINDOWS\hpoins12.dat
[2008/01/06 21:43:05 | 000,001,470 | ---- | C] () -- C:\WINDOWS\hpomdl12.dat
[2007/06/21 15:46:18 | 000,007,680 | ---- | C] () -- C:\Documents and Settings\Tammy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/06/20 13:07:30 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Tammy\Application Data\$_hpcst$.hpc
[2007/05/24 12:22:23 | 000,003,653 | ---- | C] () -- C:\Documents and Settings\Tammy\r
[2007/03/29 15:00:49 | 000,001,778 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/11/01 08:47:43 | 000,003,472 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2006/09/08 11:34:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2006/08/18 14:21:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2006/07/05 10:40:25 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2005/06/25 15:37:25 | 000,000,094 | ---- | C] () -- C:\WINDOWS\Pro.INI
[2005/06/25 15:36:36 | 000,000,012 | ---- | C] () -- C:\WINDOWS\System32\BigKey.dll
[2005/06/25 15:35:42 | 000,225,792 | ---- | C] () -- C:\WINDOWS\System32\imgman30.dll
[2005/06/25 15:35:39 | 000,100,352 | ---- | C] () -- C:\WINDOWS\System32\pg32conv.dll
[2005/04/30 13:24:42 | 000,002,254 | ---- | C] () -- C:\WINDOWS\hpdj3740.ini
[2005/04/11 11:50:41 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Tammy\Local Settings\Application Data\fusioncache.dat
[2005/04/04 16:22:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2004/08/25 05:44:10 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/08/25 05:01:35 | 000,006,848 | ---- | C] () -- C:\WINDOWS\System32\hphmon05.dat
[2004/08/25 05:01:22 | 000,018,403 | ---- | C] () -- C:\WINDOWS\HPHins01.dat
[2004/08/25 05:01:22 | 000,004,308 | ---- | C] () -- C:\WINDOWS\hphmdl01.dat
[2004/08/25 04:54:31 | 000,038,867 | ---- | C] () -- C:\WINDOWS\hpomdl03.dat
[2004/08/25 04:54:31 | 000,029,116 | ---- | C] () -- C:\WINDOWS\hpoins03.dat
[2004/08/25 04:48:37 | 000,000,912 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2004/08/25 04:32:17 | 000,000,137 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/08/25 03:51:17 | 000,028,779 | ---- | C] () -- C:\WINDOWS\System32\javaw.exe
[2004/08/25 03:51:17 | 000,024,681 | ---- | C] () -- C:\WINDOWS\System32\java.exe
[2004/08/25 03:50:19 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2004/08/07 09:16:54 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/07 09:16:44 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/07 09:10:30 | 000,405,878 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/07 09:10:30 | 000,066,680 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/07 09:10:08 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/07 09:02:54 | 000,305,216 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/07 08:57:54 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/07 08:54:58 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/04 04:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 04:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 04:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 04:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 04:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 04:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 04:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 04:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/03/25 18:53:08 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.dll
[2004/03/25 18:53:04 | 000,397,312 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.exe
[2004/03/17 09:12:48 | 000,000,362 | ---- | C] () -- C:\WINDOWS\hpfins_s04_main.dat
[2004/03/17 09:11:51 | 000,005,428 | ---- | C] () -- C:\WINDOWS\hpfmdl_s04_main.dat
[2004/01/09 07:22:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/01/07 17:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/05/28 04:55:42 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/05/28 04:54:40 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[1998/04/15 11:29:38 | 000,000,429 | ---- | C] () -- C:\WINDOWS\System32\hspell.ini

========== Custom Scans ==========


< :OTL >

< IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.whitesmok.../?cfg=2-267-0-0 >
Invalid Switch: ?cfg=2-267-0-0

< IE - HKU\Tammy_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://myclearsearch.com/ >
Invalid Switch:


< IE - HKU\Tammy_ON_C\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found >

< IE - HKU\Tammy_ON_C\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found >

< O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found. >

< O3 - HKU\Administrator_ON_C\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. >

< O3 - HKU\Tammy_ON_C\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. >

< O3 - HKU\Tammy_ON_C\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found. >

< O3 - HKU\Tammy_ON_C\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. >

< O3 - HKU\Tristan_ON_C\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. >

< O3 - HKU\Tristan_ON_C\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found. >

< O3 - HKU\Tyler_ON_C\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. >

< O3 - HKU\Tyler_ON_C\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found. >

< O3 - HKU\Tyler_ON_C\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. >

< O4 - HKLM..\Run: [HNUjcIXnb] File not found >

< O4 - HKLM..\Run: [HNUjcIXnd] File not found >

< O4 - HKLM..\Run: [HNUjcIXnf6] File not found >

< O4 - HKLM..\Run: [HNUjcIXnflc] File not found >

< O4 - HKLM..\Run: [HNUjcIXnfp] File not found >

< O4 - HKLM..\Run: [HNUjcIXnfQ] File not found >

< O4 - HKLM..\Run: [HNUjcIXngqc] File not found >

< O4 - HKLM..\Run: [HNUjcIXngqgc] File not found >

< O4 - HKLM..\Run: [HNUjcIXngqgK] File not found >

< O4 - HKLM..\Run: [HNUjcIXngqj] File not found >

< O4 - HKLM..\Run: [HNUjcIXno1] File not found >

< O4 - HKLM..\Run: [HNUjcIXnoc] File not found >

< O4 - HKLM..\Run: [HNUjcIXnqe] File not found >

< O4 - HKLM..\Run: [HNUjcIXnrc] File not found >

< O4 - HKLM..\Run: [HNUjcIXnrH0] File not found >

< O4 - HKLM..\Run: [HNUjcIXnrHj] File not found >

< O4 - HKLM..\Run: [HNUjcIXnrHK] File not found >

< O4 - HKLM..\Run: [HNUjcIXnsb] File not found >

< O4 - HKLM..\Run: [HNUjcIXnsw0] File not found >

< O4 - HKLM..\Run: [HNUjcIXnswj] File not found >

< O4 - HKLM..\Run: [HNUjcIXnswK] File not found >

< O4 - HKLM..\Run: [HNUjcIXnt2] File not found >

< O4 - HKLM..\Run: [HNUjcIXntd0] File not found >

< O4 - HKLM..\Run: [HNUjcIXntdc] File not found >

< O4 - HKLM..\Run: [HNUjcIXntdg0] File not found >

< O4 - HKLM..\Run: [HNUjcIXntdgc] File not found >

< O4 - HKLM..\Run: [HNUjcIXntdgj] File not found >

< O4 - HKLM..\Run: [HNUjcIXntdj] File not found >

< O4 - HKLM..\Run: [HNUjcIXntdK] File not found >

< O4 - HKLM..\Run: [HNUjcIXnte] File not found >

< O4 - HKLM..\Run: [HNUjcIXntg] File not found >

< O4 - HKLM..\Run: [HNUjcIXntI] File not found >

< O4 - HKLM..\Run: [HNUjcIXntz0] File not found >

< O4 - HKLM..\Run: [HNUjcIXntzgc] File not found >

< O4 - HKLM..\Run: [HNUjcIXntzj] File not found >

< O4 - HKLM..\Run: [HNUjcIXnVc] File not found >

< O4 - HKLM..\Run: [HNUjcIXnVg0] File not found >

< O4 - HKLM..\Run: [HNUjcIXnVgj] File not found >

< O4 - HKLM..\Run: [HNUjcIXnVgK] File not found >

< O4 - HKLM..\Run: [HNUjcIXnVK] File not found >

< O4 - HKLM..\Run: [HNUjcIXnw0c] File not found >

< O4 - HKLM..\Run: [HNUjcIXnw3] File not found >

< O4 - HKLM..\Run: [HNUjcIXnwd0] File not found >

< O4 - HKLM..\Run: [HNUjcIXnwe] File not found >

< O4 - HKLM..\Run: [HNUjcIXnwg] File not found >

< O4 - HKLM..\Run: [HNUjcIXnX0] File not found >

< O4 - HKLM..\Run: [HNUjcIXnXg0] File not found >

< O4 - HKLM..\Run: [HNUjcIXnXgc] File not found >

< O4 - HKLM..\Run: [HNUjcIXnXgg0] File not found >

< O4 - HKLM..\Run: [HNUjcIXnXggc] File not found >

< O4 - HKLM..\Run: [HNUjcIXnXggg0] File not found >

< O4 - HKLM..\Run: [HNUjcIXnXgggc] File not found >

< O4 - HKLM..\Run: [HNUjcIXnXgggj] File not found >

< O4 - HKLM..\Run: [HNUjcIXnXgggK] File not found >

< O4 - HKLM..\Run: [HNUjcIXnXggj] File not found >

< O4 - HKLM..\Run: [HNUjcIXnXggK] File not found >

< O4 - HKLM..\Run: [HNUjcIXnXgj] File not found >

< O4 - HKLM..\Run: [HNUjcIXnXgK] File not found >

< O4 - HKLM..\Run: [HNUjcIXnXj] File not found >

< O4 - HKLM..\Run: [HNUjcIXnXK] File not found >

< O4 - HKLM..\Run: [HNUjcIXnY] File not found >

< O4 - HKLM..\Run: [HNUjcIXnZ0] File not found >

< O4 - HKLM..\Run: [HNUjcIXnZj] File not found >

< O4 - HKLM..\Run: [HNUjcIXnZK] File not found >

< O4 - HKLM..\Run: [HNUnaIXnb] File not found >

< O4 - HKLM..\Run: [HNUnaIXnd] File not found >

< O4 - HKLM..\Run: [HNUnaIXneP] File not found >

< O4 - HKLM..\Run: [HNUnaIXnf6] File not found >

< O4 - HKLM..\Run: [HNUnaIXnfQ] File not found >

< O4 - HKLM..\Run: [HNUnaIXnrc] File not found >

< O4 - HKLM..\Run: [HNUnaIXnrHc] File not found >

< O4 - HKLM..\Run: [HNUnaIXnrHK] File not found >

< O4 - HKLM..\Run: [HNUnaIXnrK] File not found >

< O4 - HKLM..\Run: [HNUnaIXnsb] File not found >

< O4 - HKLM..\Run: [HNUnaIXnsd] File not found >

< O4 - HKLM..\Run: [HNUnaIXnsF] File not found >

< O4 - HKLM..\Run: [HNUnaIXnsZc] File not found >

< O4 - HKLM..\Run: [HNUnaIXnuf] File not found >

< O4 - HKLM..\Run: [HNUnaIXnus0] File not found >

< O4 - HKLM..\Run: [HNUnaIXnusc] File not found >

< O4 - HKLM..\Run: [HNUnaIXnusj] File not found >

< O4 - HKLM..\Run: [HNUnaIXnusK] File not found >

< O4 - HKLM..\Run: [HNUnaIXnvc] File not found >

< O4 - HKLM..\Run: [HNUnaIXnvZ] File not found >

< O4 - HKLM..\Run: [HNUnaIXnwdc] File not found >

< O4 - HKLM..\Run: [HNUnaIXnwg] File not found >

< O4 - HKLM..\Run: [HNUnaIXnwpc] File not found >

< O4 - HKLM..\Run: [HNUnaIXnwpK] File not found >

< O4 - HKLM..\Run: [HNUnaIXnxb] File not found >

< O4 - HKLM..\Run: [HNUnaIXnXc] File not found >

< O4 - HKLM..\Run: [HNUnaIXnXK] File not found >

< O4 - HKLM..\Run: [HNUnaIXnz9] File not found >

< O4 - HKLM..\Run: [HNUnaIXnZc] File not found >

< O4 - HKLM..\Run: [HNUnaIXnzZ] File not found >

< O4 - HKLM..\Run: [MKaH] File not found >

< O4 - HKLM..\Run: [MKaoc] File not found >

< O4 - HKLM..\Run: [MKaoK] File not found >

< O4 - HKLM..\Run: [MKaZ] File not found >

< O4 - HKLM..\Run: [MKbta] File not found >

< O4 - HKLM..\Run: [MKbuq0] File not found >

< O4 - HKLM..\Run: [MKbuqc] File not found >

< O4 - HKLM..\Run: [MKbuqj] File not found >

< O4 - HKLM..\Run: [MKdw+] File not found >

< O4 - HKLM..\Run: [MKea0] C:\WINDOWS\user .exe () >

< O4 - HKLM..\Run: [MKeac] C:\WINDOWS\user .exe () >

< O4 - HKLM..\Run: [MKeag0] C:\WINDOWS\user .exe () >

< O4 - HKLM..\Run: [MKeagc] C:\WINDOWS\user .exe () >

< O4 - HKLM..\Run: [MKeaggc] C:\WINDOWS\user .exe () >

< O4 - HKLM..\Run: [MKeaggK] C:\WINDOWS\user .exe () >

< O4 - HKLM..\Run: [MKeagj] C:\WINDOWS\user .exe () >

< O4 - HKLM..\Run: [MKeagK] C:\WINDOWS\user .exe () >

< O4 - HKLM..\Run: [MKeaj] C:\WINDOWS\user .exe () >

< O4 - HKLM..\Run: [MKeaK] C:\WINDOWS\user .exe () >

< O4 - HKLM..\Run: [MKee] C:\WINDOWS\user.exe () >

< O4 - HKLM..\Run: [MKerb] File not found >

< O4 - HKLM..\Run: [MKeta] C:\WINDOWS\services.exe () >

< O4 - HKLM..\Run: [MKetW0] C:\WINDOWS\services .exe () >

< O4 - HKLM..\Run: [MKetWc] C:\WINDOWS\services .exe () >

< O4 - HKLM..\Run: [MKetWg0] C:\WINDOWS\services .exe () >

< O4 - HKLM..\Run: [MKetWgc] C:\WINDOWS\services .exe () >

< O4 - HKLM..\Run: [MKetWggc] C:\WINDOWS\services .exe () >

< O4 - HKLM..\Run: [MKetWgj] C:\WINDOWS\services .exe () >

< O4 - HKLM..\Run: [MKetWgK] C:\WINDOWS\services .exe () >

< O4 - HKLM..\Run: [MKetWj] C:\WINDOWS\services .exe () >

< O4 - HKLM..\Run: [MKetWK] C:\WINDOWS\services .exe () >

< O4 - HKLM..\Run: [MKeuf] File not found >

< O4 - HKLM..\Run: [MKeuK0] File not found >

< O4 - HKLM..\Run: [MKeuKj] File not found >

< O4 - HKLM..\Run: [MKewe] File not found >

< O4 - HKLM..\Run: [MKexe] File not found >

< O4 - HKLM..\Run: [MKfa] File not found >

< O4 - HKLM..\Run: [MKfPc] File not found >

< O4 - HKLM..\Run: [MKfpe] File not found >

< O4 - HKLM..\Run: [MKfpI] File not found >

< O4 - HKLM..\Run: [MKfPK] File not found >

< O4 - HKLM..\Run: [MKfre] File not found >

< O4 - HKLM..\Run: [MKfrJc] File not found >

< O4 - HKLM..\Run: [MKfrJK] File not found >

< O4 - HKLM..\Run: [MKfrN] File not found >

< O4 - HKLM..\Run: [MKZe] File not found >

< O4 - HKLM..\Run: [MKZJ0] File not found >

< O4 - HKLM..\Run: [MKZJj] File not found >

< O4 - HKLM..\Run: [MKZS0] File not found >

< O4 - HKLM..\Run: [MKZSc] File not found >

< O4 - HKLM..\Run: [MKZSg0] File not found >

< O4 - HKLM..\Run: [MKZSgc] File not found >

< O4 - HKLM..\Run: [MKZSgK] File not found >

< O4 - HKLM..\Run: [MKZSj] File not found >

< O4 - HKLM..\Run: [QuickTime Task] File not found >

< O4 - HKU\Tammy_ON_C..\Run: [BackupNotify] File not found >

< O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnb] File not found >

< O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnd] File not found >

< O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnf6] File not found >

< O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnfQ] File not found >

< O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXngqc] File not found >

< O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnoc] File not found >

< O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnqe] File not found >

< O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnrc] File not found >

< O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnsb] File not found >

< O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnt2] File not found >

< O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXntd0] File not found >

< O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXntdc] File not found >

< O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXntdgc] File not found >

< O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXntdj] File not found >

< O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXntdK] File not found >

< O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnte] File not found >

< O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXntg] File not found >

< O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXntI] File not found >

< O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnVc] File not found >

< O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnVK] File not found >

< O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnwe] File not found >

< O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnwg] File not found >

< O4 - HKU\Tammy_ON_C..\Run: [HNUjcIXnY] File not found >

< O4 - HKU\Tammy_ON_C..\Run: [MKbuqc] File not found >

< O4 - HKU\Tammy_ON_C..\Run: [MKeuf] File not found >

< O4 - HKU\Tammy_ON_C..\Run: [MKfa] File not found >

< O4 - HKU\Tammy_ON_C..\Run: [MKZe] File not found >

< O4 - HKU\Tammy_ON_C..\Run: [MKZSc] File not found >

< O4 - HKU\Tammy_ON_C..\Run: [RecordNow!] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [HNUjcIXnqe] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [HNUjcIXnVgj] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnf6] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnrHc] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnrHK] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnrK] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnsF] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnsZc] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnus0] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnusj] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnusK] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnwdc] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnwpK] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnXc] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnXK] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnz9] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [HNUnaIXnZc] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [MKaH] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [MKaoK] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [MKbta] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [MKdw+] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [MKea0] C:\WINDOWS\user .exe () >

< O4 - HKU\Tristan_ON_C..\Run: [MKeac] C:\WINDOWS\user .exe () >

< O4 - HKU\Tristan_ON_C..\Run: [MKeag0] C:\WINDOWS\user .exe () >

< O4 - HKU\Tristan_ON_C..\Run: [MKeagc] C:\WINDOWS\user .exe () >

< O4 - HKU\Tristan_ON_C..\Run: [MKeaggc] C:\WINDOWS\user .exe () >

< O4 - HKU\Tristan_ON_C..\Run: [MKeaggK] C:\WINDOWS\user .exe () >

< O4 - HKU\Tristan_ON_C..\Run: [MKeagj] C:\WINDOWS\user .exe () >

< O4 - HKU\Tristan_ON_C..\Run: [MKeagK] C:\WINDOWS\user .exe () >

< O4 - HKU\Tristan_ON_C..\Run: [MKeaj] C:\WINDOWS\user .exe () >

< O4 - HKU\Tristan_ON_C..\Run: [MKeaK] C:\WINDOWS\user .exe () >

< O4 - HKU\Tristan_ON_C..\Run: [MKee] C:\WINDOWS\user.exe () >

< O4 - HKU\Tristan_ON_C..\Run: [MKerb] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [MKeta] C:\WINDOWS\services.exe () >

< O4 - HKU\Tristan_ON_C..\Run: [MKetW0] C:\WINDOWS\services .exe () >

< O4 - HKU\Tristan_ON_C..\Run: [MKetWc] C:\WINDOWS\services .exe () >

< O4 - HKU\Tristan_ON_C..\Run: [MKetWg0] C:\WINDOWS\services .exe () >

< O4 - HKU\Tristan_ON_C..\Run: [MKetWgc] C:\WINDOWS\services .exe () >

< O4 - HKU\Tristan_ON_C..\Run: [MKetWggc] C:\WINDOWS\services .exe () >

< O4 - HKU\Tristan_ON_C..\Run: [MKetWgj] C:\WINDOWS\services .exe () >

< O4 - HKU\Tristan_ON_C..\Run: [MKetWgK] C:\WINDOWS\services .exe () >

< O4 - HKU\Tristan_ON_C..\Run: [MKetWj] C:\WINDOWS\services .exe () >

< O4 - HKU\Tristan_ON_C..\Run: [MKetWK] C:\WINDOWS\services .exe () >

< O4 - HKU\Tristan_ON_C..\Run: [MKewe] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [MKexe] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [MKfa] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [MKfpe] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [MKfpI] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [MKfPK] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [MKfre] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [MKfrJc] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [MKfrJK] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [MKfrN] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [MKZSg0] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [MKZSgc] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [MKZSgK] File not found >

< O4 - HKU\Tristan_ON_C..\Run: [RecordNow!] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnflc] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnfp] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXngqgc] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXngqgK] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXngqj] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXno1] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnqe] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnrH0] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnrHj] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnrHK] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnsw0] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnswj] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnswK] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXntdg0] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXntdgj] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXntz0] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXntzgc] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXntzj] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnVg0] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnVgK] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnw0c] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnw3] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnwd0] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnX0] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXg0] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXgc] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXgg0] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXggc] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXggg0] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXgggc] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXgggj] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXgggK] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXggj] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXggK] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXgj] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXgK] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXj] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnXK] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnZ0] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnZj] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUjcIXnZK] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnb] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnd] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXneP] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnfQ] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnrc] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnsb] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnsd] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnuf] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnusc] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnvc] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnvZ] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnwg] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnwpc] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnxb] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnz9] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [HNUnaIXnzZ] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [MKaoc] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [MKaZ] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [MKbuq0] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [MKbuqj] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [MKdw+] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [MKerb] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [MKeta] C:\WINDOWS\services.exe () >

< O4 - HKU\Tyler_ON_C..\Run: [MKeuK0] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [MKeuKj] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [MKewe] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [MKexe] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [MKfa] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [MKfPc] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [MKZJ0] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [MKZJj] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [MKZS0] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [MKZSj] File not found >

< O4 - HKU\Tyler_ON_C..\Run: [RecordNow!] File not found >

< O7 - HKU\Tammy_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1 >

< O7 - HKU\Tammy_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1 >

< O7 - HKU\Tristan_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1 >

< O7 - HKU\Tristan_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1 >

< O7 - HKU\Tyler_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1 >

< O7 - HKU\Tyler_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1 >

< [2011/05/18 11:08:38 | 000,072,736 | ---- | M] () -- C:\WINDOWS\user .exe >
Invalid Switch: 18 11:08:38 | 000,072,736 | ---- | M] () -- C:\WINDOWS\user .exe


< [2011/05/18 11:08:38 | 000,072,736 | ---- | M] () -- C:\WINDOWS\services .exe >
Invalid Switch: 18 11:08:38 | 000,072,736 | ---- | M] () -- C:\WINDOWS\services .exe


< [2011/05/18 11:04:15 | 000,072,748 | ---- | M] () -- C:\WINDOWS\user .exe >
Invalid Switch: 18 11:04:15 | 000,072,748 | ---- | M] () -- C:\WINDOWS\user .exe


< [2011/05/18 11:03:47 | 000,072,752 | ---- | M] () -- C:\WINDOWS\services .exe >
Invalid Switch: 18 11:03:47 | 000,072,752 | ---- | M] () -- C:\WINDOWS\services .exe


< [2011/05/18 11:03:26 | 000,072,748 | ---- | M] () -- C:\WINDOWS\user .exe >
Invalid Switch: 18 11:03:26 | 000,072,748 | ---- | M] () -- C:\WINDOWS\user .exe


< [2011/05/18 11:03:06 | 000,072,744 | ---- | M] () -- C:\WINDOWS\services .exe >
Invalid Switch: 18 11:03:06 | 000,072,744 | ---- | M] () -- C:\WINDOWS\services .exe


< [2011/05/18 11:02:36 | 000,072,744 | ---- | M] () -- C:\WINDOWS\user .exe >
Invalid Switch: 18 11:02:36 | 000,072,744 | ---- | M] () -- C:\WINDOWS\user .exe


< [2011/05/18 11:01:59 | 000,072,744 | ---- | M] () -- C:\WINDOWS\services .exe >
Invalid Switch: 18 11:01:59 | 000,072,744 | ---- | M] () -- C:\WINDOWS\services .exe


< [2011/05/18 08:12:32 | 000,072,740 | ---- | M] () -- C:\WINDOWS\user .exe >
Invalid Switch: 18 08:12:32 | 000,072,740 | ---- | M] () -- C:\WINDOWS\user .exe


< [2011/05/18 08:12:32 | 000,072,740 | ---- | M] () -- C:\WINDOWS\services .exe >
Invalid Switch: 18 08:12:32 | 000,072,740 | ---- | M] () -- C:\WINDOWS\services .exe


< [2011/05/18 08:12:04 | 000,072,736 | ---- | M] () -- C:\WINDOWS\services .exe >
Invalid Switch: 18 08:12:04 | 000,072,736 | ---- | M] () -- C:\WINDOWS\services .exe


< [2011/05/18 08:12:01 | 000,072,740 | ---- | M] () -- C:\WINDOWS\user .exe >
Invalid Switch: 18 08:12:01 | 000,072,740 | ---- | M] () -- C:\WINDOWS\user .exe


< [2011/05/18 08:11:27 | 000,072,736 | ---- | M] () -- C:\WINDOWS\user .exe >
Invalid Switch: 18 08:11:27 | 000,072,736 | ---- | M] () -- C:\WINDOWS\user .exe


< [2011/05/18 08:10:49 | 000,072,732 | ---- | M] () -- C:\WINDOWS\user .exe >
Invalid Switch: 18 08:10:49 | 000,072,732 | ---- | M] () -- C:\WINDOWS\user .exe


< [2011/05/18 08:10:49 | 000,072,732 | ---- | M] () -- C:\WINDOWS\services .exe >
Invalid Switch: 18 08:10:49 | 000,072,732 | ---- | M] () -- C:\WINDOWS\services .exe


< [2011/05/17 17:01:01 | 000,072,736 | ---- | M] () -- C:\WINDOWS\services .exe >
Invalid Switch: 17 17:01:01 | 000,072,736 | ---- | M] () -- C:\WINDOWS\services .exe


< [2011/05/17 17:01:01 | 000,072,732 | ---- | M] () -- C:\WINDOWS\user .exe >
Invalid Switch: 17 17:01:01 | 000,072,732 | ---- | M] () -- C:\WINDOWS\user .exe


< [2011/05/17 17:00:28 | 000,072,736 | ---- | M] () -- C:\WINDOWS\user .exe >
Invalid Switch: 17 17:00:28 | 000,072,736 | ---- | M] () -- C:\WINDOWS\user .exe


< [2011/05/17 16:59:28 | 000,072,732 | ---- | M] () -- C:\WINDOWS\services .exe >
Invalid Switch: 17 16:59:28 | 000,072,732 | ---- | M] () -- C:\WINDOWS\services .exe


< [2011/05/17 16:59:27 | 000,072,732 | ---- | M] () -- C:\WINDOWS\services.exe >
Invalid Switch: 17 16:59:27 | 000,072,732 | ---- | M] () -- C:\WINDOWS\services.exe


< [2011/05/17 16:59:26 | 000,072,732 | ---- | M] () -- C:\WINDOWS\user.exe >
Invalid Switch: 17 16:59:26 | 000,072,732 | ---- | M] () -- C:\WINDOWS\user.exe


< [2011/05/17 14:57:24 | 000,016,316 | ---- | M] () -- C:\WINDOWS\services .exe >
Invalid Switch: 17 14:57:24 | 000,016,316 | ---- | M] () -- C:\WINDOWS\services .exe


< [2011/04/12 23:05:51 | 000,072,748 | ---- | C] () -- C:\WINDOWS\user .exe >
Invalid Switch: 12 23:05:51 | 000,072,748 | ---- | C] () -- C:\WINDOWS\user .exe


< [2011/04/12 23:05:51 | 000,072,748 | ---- | C] () -- C:\WINDOWS\user .exe >
Invalid Switch: 12 23:05:51 | 000,072,748 | ---- | C] () -- C:\WINDOWS\user .exe


< [2011/04/12 23:05:51 | 000,072,744 | ---- | C] () -- C:\WINDOWS\user .exe >
Invalid Switch: 12 23:05:51 | 000,072,744 | ---- | C] () -- C:\WINDOWS\user .exe


< [2011/04/12 23:05:51 | 000,072,740 | ---- | C] () -- C:\WINDOWS\user .exe >
Invalid Switch: 12 23:05:51 | 000,072,740 | ---- | C] () -- C:\WINDOWS\user .exe


< [2011/04/12 23:05:51 | 000,072,740 | ---- | C] () -- C:\WINDOWS\user .exe >
Invalid Switch: 12 23:05:51 | 000,072,740 | ---- | C] () -- C:\WINDOWS\user .exe


< [2011/04/12 23:05:51 | 000,072,736 | ---- | C] () -- C:\WINDOWS\user .exe >
Invalid Switch: 12 23:05:51 | 000,072,736 | ---- | C] () -- C:\WINDOWS\user .exe


< [2011/04/12 23:05:51 | 000,072,736 | ---- | C] () -- C:\WINDOWS\user .exe >
Invalid Switch: 12 23:05:51 | 000,072,736 | ---- | C] () -- C:\WINDOWS\user .exe


< [2011/04/12 23:05:51 | 000,072,736 | ---- | C] () -- C:\WINDOWS\user .exe >
Invalid Switch: 12 23:05:51 | 000,072,736 | ---- | C] () -- C:\WINDOWS\user .exe


< [2011/04/12 23:05:51 | 000,072,732 | ---- | C] () -- C:\WINDOWS\user.exe >
Invalid Switch: 12 23:05:51 | 000,072,732 | ---- | C] () -- C:\WINDOWS\user.exe


< [2011/04/12 23:05:51 | 000,072,732 | ---- | C] () -- C:\WINDOWS\user .exe >
Invalid Switch: 12 23:05:51 | 000,072,732 | ---- | C] () -- C:\WINDOWS\user .exe


< [2011/04/12 23:05:51 | 000,072,732 | ---- | C] () -- C:\WINDOWS\user .exe >
Invalid Switch: 12 23:05:51 | 000,072,732 | ---- | C] () -- C:\WINDOWS\user .exe


< [2011/04/12 23:05:51 | 000,016,220 | ---- | C] () -- C:\WINDOWS\user .exe >
Invalid Switch: 12 23:05:51 | 000,016,220 | ---- | C] () -- C:\WINDOWS\user .exe


< [2011/04/12 22:50:44 | 000,072,736 | ---- | C] () -- C:\WINDOWS\spoolsv .exe >
Invalid Switch: 12 22:50:44 | 000,072,736 | ---- | C] () -- C:\WINDOWS\spoolsv .exe


< [2011/04/12 22:50:44 | 000,072,728 | ---- | C] () -- C:\WINDOWS\iexplarer .exe >
Invalid Switch: 12 22:50:44 | 000,072,728 | ---- | C] () -- C:\WINDOWS\iexplarer .exe


< [2011/04/12 22:48:02 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\57c77O8q.dat >
Invalid Switch: 12 22:48:02 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\57c77O8q.dat


< [2011/04/12 22:44:40 | 000,072,728 | ---- | C] () -- C:\WINDOWS\avp .exe >
Invalid Switch: 12 22:44:40 | 000,072,728 | ---- | C] () -- C:\WINDOWS\avp .exe


< [2011/04/12 22:44:37 | 000,072,752 | ---- | C] () -- C:\WINDOWS\services .exe >
Invalid Switch: 12 22:44:37 | 000,072,752 | ---- | C] () -- C:\WINDOWS\services .exe


< [2011/04/12 22:44:37 | 000,072,744 | ---- | C] () -- C:\WINDOWS\services .exe >
Invalid Switch: 12 22:44:37 | 000,072,744 | ---- | C] () -- C:\WINDOWS\services .exe


< [2011/04/12 22:44:37 | 000,072,744 | ---- | C] () -- C:\WINDOWS\services .exe >
Invalid Switch: 12 22:44:37 | 000,072,744 | ---- | C] () -- C:\WINDOWS\services .exe


< [2011/04/12 22:44:37 | 000,072,740 | ---- | C] () -- C:\WINDOWS\services .exe >
Invalid Switch: 12 22:44:37 | 000,072,740 | ---- | C] () -- C:\WINDOWS\services .exe


< [2011/04/12 22:44:37 | 000,072,736 | ---- | C] () -- C:\WINDOWS\services .exe >
Invalid Switch: 12 22:44:37 | 000,072,736 | ---- | C] () -- C:\WINDOWS\services .exe


< [2011/04/12 22:44:37 | 000,072,736 | ---- | C] () -- C:\WINDOWS\services .exe >
Invalid Switch: 12 22:44:37 | 000,072,736 | ---- | C] () -- C:\WINDOWS\services .exe


< [2011/04/12 22:44:37 | 000,072,736 | ---- | C] () -- C:\WINDOWS\services .exe >
Invalid Switch: 12 22:44:37 | 000,072,736 | ---- | C] () -- C:\WINDOWS\services .exe


< [2011/04/12 22:44:37 | 000,072,732 | ---- | C] () -- C:\WINDOWS\services.exe >
Invalid Switch: 12 22:44:37 | 000,072,732 | ---- | C] () -- C:\WINDOWS\services.exe


< [2011/04/12 22:44:37 | 000,072,732 | ---- | C] () -- C:\WINDOWS\services .exe >
Invalid Switch: 12 22:44:37 | 000,072,732 | ---- | C] () -- C:\WINDOWS\services .exe


< [2011/04/12 22:44:37 | 000,072,732 | ---- | C] () -- C:\WINDOWS\services .exe >
Invalid Switch: 12 22:44:37 | 000,072,732 | ---- | C] () -- C:\WINDOWS\services .exe


< [2011/04/12 22:44:37 | 000,016,316 | ---- | C] () -- C:\WINDOWS\services .exe >
Invalid Switch: 12 22:44:37 | 000,016,316 | ---- | C] () -- C:\WINDOWS\services .exe


< [2011/04/12 22:44:36 | 000,100,000 | -H-- | C] () -- C:\WINDOWS\mdm.exe >
Invalid Switch: 12 22:44:36 | 000,100,000 | -H-- | C] () -- C:\WINDOWS\mdm.exe


< [2011/04/12 22:44:36 | 000,072,728 | ---- | C] () -- C:\WINDOWS\avp32 .exe >
Invalid Switch: 12 22:44:36 | 000,072,728 | ---- | C] () -- C:\WINDOWS\avp32 .exe


< [2009/10/27 22:05:58 | 000,002,500 | ---- | C] () -- C:\Documents and Settings\Tammy\Application Data\evpro32.prf >
Invalid Switch: 27 22:05:58 | 000,002,500 | ---- | C] () -- C:\Documents and Settings\Tammy\Application Data\evpro32.prf


< [2008/05/02 15:25:01 | 000,000,000 | ---- | C] () -- C:\Program Files\temp01 >
Invalid Switch: 02 15:25:01 | 000,000,000 | ---- | C] () -- C:\Program Files\temp01


< [2011/02/21 13:01:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\whitesmoketoolbar >
Invalid Switch: 21 13:01:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\whitesmoketoolbar


< [2011/05/17 11:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tyler\Application Data\whitesmoketoolbar >
Invalid Switch: 17 11:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tyler\Application Data\whitesmoketoolbar



========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BD9F7E4E
@Alternate Data Stream - 96 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ED810E46
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7290F122
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E5294695
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D055FC10
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C0A9D0E7
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:85C3B823
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9ACB70D7
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:90D89144
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D31BE97C
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:43301D1D
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:70E897B5

< End of report >
  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi Tammy - you pressed the run scan button rather than the run fix button

So you will need to run it again

This time press the Run Fix button

Start OTLPE as you did previously from CD
Copy the attached Fix.txt to a USB
[attachment=50150:fix.txt]
  • Insert your USB drive with fix.txt on it
  • Start OTLPE
  • Drag and drop fix.txt into the Custom scans and fixes box
  • If you cannot drag and drop for some reason. Then press the Run Fix button and a dialogue box will pop up asking for the location - select the file on your USB drive
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done to normal mode if possible
  • Then post a new OTL log ( don't check the boxes beside LOP Check or Purity this time )

  • 0

Advertisements


#11
tammy111

tammy111

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
CRAP!!!! Ok, will do again....lol
  • 0

#12
tammy111

tammy111

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
========== OTL ==========
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page Restore| /E : value set successfully!
HKU\Tammy_ON_C\Software\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Internet Explorer\URLSearchHooks\\*{CFBFAE00-17A6-11D0-99CB-00C04FD64497} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\*{CFBFAE00-17A6-11D0-99CB-00C04FD64497}\ deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{9D425283-D487-4337-BAB6-AB8354A81457} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}\ not found.
Registry value HKEY_USERS\Administrator_ON_C\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ not found.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ not found.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ not found.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnb deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnd deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnf6 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnflc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnfp deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnfQ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXngqc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXngqgc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXngqgK deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXngqj deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXno1 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnoc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnqe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnrc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnrH0 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnrHj deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnrHK deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnsb deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnsw0 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnswj deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnswK deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnt2 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXntd0 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXntdc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXntdg0 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXntdgc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXntdgj deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXntdj deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXntdK deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnte deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXntg deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXntI deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXntz0 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXntzgc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXntzj deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnVc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnVg0 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnVgj deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnVgK deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnVK deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnw0c deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnw3 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnwd0 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnwe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnwg deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnX0 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnXg0 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnXgc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnXgg0 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnXggc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnXggg0 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnXgggc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnXgggj deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnXgggK deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnXggj deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnXggK deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnXgj deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnXgK deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnXj deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnXK deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnY deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnZ0 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnZj deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnZK deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnb deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnd deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXneP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnf6 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnfQ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnrc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnrHc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnrHK deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnrK deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnsb deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnsd deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnsF deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnsZc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnuf deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnus0 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnusc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnusj deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnusK deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnvc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnvZ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnwdc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnwg deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnwpc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnwpK deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnxb deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnXc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnXK deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnz9 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnZc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnzZ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKaH deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKaoc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKaoK deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKaZ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKbta deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKbuq0 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKbuqc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKbuqj deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKdw+ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKea0 deleted successfully.
C:\WINDOWS\user .exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKeac deleted successfully.
File C:\WINDOWS\user .exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKeag0 deleted successfully.
File C:\WINDOWS\user .exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKeagc deleted successfully.
File C:\WINDOWS\user .exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKeaggc deleted successfully.
File C:\WINDOWS\user .exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKeaggK deleted successfully.
File C:\WINDOWS\user .exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKeagj deleted successfully.
File C:\WINDOWS\user .exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKeagK deleted successfully.
File C:\WINDOWS\user .exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKeaj deleted successfully.
File C:\WINDOWS\user .exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKeaK deleted successfully.
File C:\WINDOWS\user .exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKee deleted successfully.
C:\WINDOWS\user.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKerb deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKeta deleted successfully.
C:\WINDOWS\services.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKetW0 deleted successfully.
C:\WINDOWS\services .exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKetWc deleted successfully.
File C:\WINDOWS\services .exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKetWg0 deleted successfully.
File C:\WINDOWS\services .exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKetWgc deleted successfully.
File C:\WINDOWS\services .exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKetWggc deleted successfully.
File C:\WINDOWS\services .exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKetWgj deleted successfully.
File C:\WINDOWS\services .exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKetWgK deleted successfully.
File C:\WINDOWS\services .exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKetWj deleted successfully.
File C:\WINDOWS\services .exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKetWK deleted successfully.
File C:\WINDOWS\services .exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKeuf deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKeuK0 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKeuKj deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKewe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKexe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKfa deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKfPc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKfpe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKfpI deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKfPK deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKfre deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKfrJc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKfrJK deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKfrN deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKZe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKZJ0 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKZJj deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKZS0 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKZSc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKZSg0 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKZSgc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKZSgK deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKZSj deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\BackupNotify deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnb deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnd deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnf6 deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnfQ deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXngqc deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnoc deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnqe deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnrc deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnsb deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnt2 deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXntd0 deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXntdc deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXntdgc deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXntdj deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXntdK deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnte deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXntg deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXntI deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnVc deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnVK deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnwe deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnwg deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnY deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKbuqc deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKeuf deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKfa deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKZe deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKZSc deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\RecordNow! deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnqe deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnVgj deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnf6 deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnrHc deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnrHK deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnrK deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnsF deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnsZc deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnus0 deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnusj deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnusK deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnwdc deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnwpK deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnXc deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnXK deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnz9 deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnZc deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKaH deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKaoK deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKbta deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKdw+ deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKea0 deleted successfully.
File C:\WINDOWS\user .exe not found.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKeac deleted successfully.
File C:\WINDOWS\user .exe not found.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKeag0 deleted successfully.
File C:\WINDOWS\user .exe not found.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKeagc deleted successfully.
File C:\WINDOWS\user .exe not found.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKeaggc deleted successfully.
File C:\WINDOWS\user .exe not found.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKeaggK deleted successfully.
File C:\WINDOWS\user .exe not found.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKeagj deleted successfully.
File C:\WINDOWS\user .exe not found.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKeagK deleted successfully.
File C:\WINDOWS\user .exe not found.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKeaj deleted successfully.
File C:\WINDOWS\user .exe not found.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKeaK deleted successfully.
File C:\WINDOWS\user .exe not found.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKee deleted successfully.
File C:\WINDOWS\user.exe not found.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKerb deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKeta deleted successfully.
File C:\WINDOWS\services.exe not found.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKetW0 deleted successfully.
File C:\WINDOWS\services .exe not found.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKetWc deleted successfully.
File C:\WINDOWS\services .exe not found.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKetWg0 deleted successfully.
File C:\WINDOWS\services .exe not found.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKetWgc deleted successfully.
File C:\WINDOWS\services .exe not found.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKetWggc deleted successfully.
File C:\WINDOWS\services .exe not found.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKetWgj deleted successfully.
File C:\WINDOWS\services .exe not found.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKetWgK deleted successfully.
File C:\WINDOWS\services .exe not found.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKetWj deleted successfully.
File C:\WINDOWS\services .exe not found.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKetWK deleted successfully.
File C:\WINDOWS\services .exe not found.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKewe deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKexe deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKfa deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKfpe deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKfpI deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKfPK deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKfre deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKfrJc deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKfrJK deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKfrN deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKZSg0 deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKZSgc deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKZSgK deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\RecordNow! deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnflc deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnfp deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXngqgc deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXngqgK deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXngqj deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXno1 deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnqe deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnrH0 deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnrHj deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnrHK deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnsw0 deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnswj deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnswK deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXntdg0 deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXntdgj deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXntz0 deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXntzgc deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXntzj deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnVg0 deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnVgK deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnw0c deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnw3 deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnwd0 deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnX0 deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnXg0 deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnXgc deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnXgg0 deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnXggc deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnXggg0 deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnXgggc deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnXgggj deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnXgggK deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnXggj deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnXggK deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnXgj deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnXgK deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnXj deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnXK deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnZ0 deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnZj deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUjcIXnZK deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnb deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnd deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXneP deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnfQ deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnrc deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnsb deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnsd deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnuf deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnusc deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnvc deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnvZ deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnwg deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnwpc deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnxb deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnz9 deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUnaIXnzZ deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKaoc deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKaZ deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKbuq0 deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKbuqj deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKdw+ deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKerb deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKeta deleted successfully.
File C:\WINDOWS\services.exe not found.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKeuK0 deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKeuKj deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKewe deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKexe deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKfa deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKfPc deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKZJ0 deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKZJj deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKZS0 deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKZSj deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\RecordNow! deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoFolderOptions deleted successfully.
Registry value HKEY_USERS\Tammy_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoFolderOptions deleted successfully.
Registry value HKEY_USERS\Tristan_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoFolderOptions deleted successfully.
Registry value HKEY_USERS\Tyler_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools deleted successfully.
File C:\WINDOWS\user .exe not found.
File C:\WINDOWS\services .exe not found.
File C:\WINDOWS\user .exe not found.
File C:\WINDOWS\services .exe not found.
File C:\WINDOWS\user .exe not found.
File C:\WINDOWS\services .exe not found.
File C:\WINDOWS\user .exe not found.
File C:\WINDOWS\services .exe not found.
File C:\WINDOWS\user .exe not found.
File C:\WINDOWS\services .exe not found.
File C:\WINDOWS\services .exe not found.
File C:\WINDOWS\user .exe not found.
File C:\WINDOWS\user .exe not found.
File C:\WINDOWS\user .exe not found.
File C:\WINDOWS\services .exe not found.
File C:\WINDOWS\services .exe not found.
File C:\WINDOWS\user .exe not found.
File C:\WINDOWS\user .exe not found.
File C:\WINDOWS\services .exe not found.
File C:\WINDOWS\services.exe not found.
File C:\WINDOWS\user.exe not found.
File C:\WINDOWS\services .exe not found.
File C:\WINDOWS\user .exe not found.
File C:\WINDOWS\user .exe not found.
File C:\WINDOWS\user .exe not found.
File C:\WINDOWS\user .exe not found.
File C:\WINDOWS\user .exe not found.
File C:\WINDOWS\user .exe not found.
File C:\WINDOWS\user .exe not found.
File C:\WINDOWS\user .exe not found.
File C:\WINDOWS\user.exe not found.
File C:\WINDOWS\user .exe not found.
File C:\WINDOWS\user .exe not found.
File C:\WINDOWS\user .exe not found.
C:\WINDOWS\spoolsv .exe moved successfully.
C:\WINDOWS\iexplarer .exe moved successfully.
C:\Documents and Settings\All Users\Application Data\57c77O8q.dat moved successfully.
C:\WINDOWS\avp .exe moved successfully.
File C:\WINDOWS\services .exe not found.
File C:\WINDOWS\services .exe not found.
File C:\WINDOWS\services .exe not found.
File C:\WINDOWS\services .exe not found.
File C:\WINDOWS\services .exe not found.
File C:\WINDOWS\services .exe not found.
File C:\WINDOWS\services .exe not found.
File C:\WINDOWS\services.exe not found.
File C:\WINDOWS\services .exe not found.
File C:\WINDOWS\services .exe not found.
File C:\WINDOWS\services .exe not found.
C:\WINDOWS\mdm.exe moved successfully.
C:\WINDOWS\avp32 .exe moved successfully.
C:\Documents and Settings\Tammy\Application Data\evpro32.prf moved successfully.
C:\Program Files\temp01 moved successfully.
C:\Documents and Settings\NetworkService\Application Data\whitesmoketoolbar folder moved successfully.
C:\Documents and Settings\Tyler\Application Data\whitesmoketoolbar\weather folder moved successfully.
C:\Documents and Settings\Tyler\Application Data\whitesmoketoolbar\search folder moved successfully.
C:\Documents and Settings\Tyler\Application Data\whitesmoketoolbar folder moved successfully.

OTLPE by OldTimer - Version 3.1.46.0 log created on 05182011_151633
  • 0

#13
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you now boot normally please and run Malwarebytes after updating it - then post the log and let me know what problems you are experiencing
  • 0

#14
tammy111

tammy111

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
ok, got it downloaded and running...will post the log when its done
  • 0

#15
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Looking better ?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP